Future of Consumer APAC: Confronting complexity in cybersecurity trends for the consumer sector

Cameron Whittfield and Peggy Chow discuss the latest cybersecurity trends for consumer-facing companies including external threats which may include working with third parties and complex supply chains through to the malicious targeting of companies with ransomware, current affairs and social engineering, the cryptocurrency marketplace and geopolitical factors. They emphasise the importance of internal stakeholders speaking … Read more

US Congress enacts significant new law mandating cyber incident and ransomware reporting on businesses

On March 15, 2022, US President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA or the Act) into law.  Under its provisions, a broad range of private and public-sector entities operating in “critical infrastructure” sectors will for the first time have mandatory reporting obligations in connection with “cyber incidents” and ransomware attacks.  Specifically, “covered entities” are required to report certain “substantial” cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours of the event, and to report ransomware payments within 24 hours of payment. Read more

Article published – Lloyd v Google: the upshot for data class actions

The exponential growth in the volume of data being collected and shared, along with the ease and reduced costs of gathering, analysing, using and exploiting data, has resulted in a corresponding increase in data protection laws and regulations. Against that background, data class actions have been a growing phenomenon, driven in part by the interest of claimant law firms and litigation funders in this area. Read more

Hong Kong, can you handle this? The HKMA proposes new standards for operational resilience

Following the HKMA’s 21 April 2021 circular highlighting the additional guidance issued by the BCBS on 31 March 2021, namely the Principles for Operational Resilience and the Revised Principles for Sound Management of Operational Risk, the HKMA launched a consultation on 22 December 2021 on a new proposed Supervisory Policy Manual module OR-2 (Operational Resilience) and proposed amendments to existing SPM modules TM-G-2 (Business Continuity Planning) and OR-1 (Operational Risk Management) in order to align with the BCBS’s operational resilience guidance. Read more