Digital TMT and Sourcing Predictions 2019

  2018 was a landmark year for digital TMT and sourcing. Against the backdrop of the UK's impending departure from the EU, there were a wealth of highlights as regulation moved further towards greater harmonisation at the European level; the… Read more

NIS Directive and Regulations now in force

The EU Network and Information Systems Directive (“NISD”) was required to be implemented into national law by 9 May 2018. The UK implementing regulations (the Network and Information Systems Regulations 2018) (“Regulations”) are now in force. The Regulations impose cyber… Read more

Compliant or not: the GDPR is here

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but… Read more

Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article… Read more

Managing cyber security risks in the telecommunications sector

Cyber security remains in the public eye with multiple incidents and vulnerabilities reported affecting telecoms companies. Telecoms companies need to continue to focus on the risks and consider updating their pro-active defence and cyber security response plans to reflect the… Read more

Operational impact of cyber-attacks on wind turbines

At this year’s Black Hat, a leading information security conference held in Las Vegas, cyber security researchers exposed new vulnerabilities in industrial control systems and warned that malware (including ransomware) could force companies to have to choose between expensive downtime… Read more

HSF assists Airmic to prepare guide to cyber insurance

Herbert Smith Freehills has assisted Airmic (the UK association for those with a responsibility for risk management and insurance) along with others including Lloyd’s of London, to prepare a guide on cyber risk for policyholders. Cyber risk is a key… Read more

SWIFT publishes mandatory controls for customers

In April 2017, the Society for Worldwide Interbank Financial Telecommunications (SWIFT) published a final version of its Customer Security Controls Framework (the "Framework"), as part of its Customer Security Programme which launched in June 2016. SWIFT is a messaging network… Read more

ENISA report includes guidance on CSIRT maturity assessment

On 12 June 2017, the European Union Agency for Network and Information Security ("ENISA") published a new report which includes a comprehensive overview of parameters for Computer Security Incident Response Teams to assess their respective maturity. The EU Network and… Read more

Proof of concept hack on smart TVs heading

The vast room for improvement in protecting Internet-of-Things ("IoT") devices has once again been highlighted by the recent proof of concept attack on Samsung smart TVs carried out by Swiss security consulting company, Oneconsult, in March 2017. Using an inexpensive… Read more