Last week, the Department for Digital, Culture, Media & Sport issued a Call for Views on the certification scheme currently anticipated by Regulation (EU) 2019/881 (the Cybersecurity Act) after Brexit. The closing date for responses has been extended to 15 October 2019. In the issued document, the UK Government proposes to maintain “a close relationship with the EU … Read more

Cyber-attacks are a continuous threat to both businesses and charities. From the Cyber Security Breaches Survey 2019 (available here as a PDF), we can see that fewer businesses are identifying breaches than in previous years, but the ones that are identifying breaches are typically experiencing more of them. Approximately 32% of businesses and 22% of … Read more

The National Cyber Security Centre (NCSC) and the Information Commission Office (ICO) have clarified their roles in relation to breaches of cyber security.  NCSC manages cyber incidents at a national level to prevent harm being caused to both victims and the UK overall. It helps manage the response at a governmental level and seeks to ensure that lessons are learned to help deter future attacks. The ICO is the independent regulator for enforcing and monitoring data protection legislation and the competent authority for Digital Service Providers under the Network and Information Systems (NIS) Directive. The ICO is the first port of call for organisations who have suffered a breach of cyber security. Read more

In response to what the government has identified as significant shortcomings in the security of consumer internet of things (IoT) devices, the government is consulting on proposals to regulate their security. The consultation is aimed at a broad range of entities connected with the IoT, ranging from device manufacturers and IoT service providers to mobile … Read more

On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member … Read more

  2018 was a landmark year for digital TMT and sourcing. Against the backdrop of the UK’s impending departure from the EU, there were a wealth of highlights as regulation moved further towards greater harmonisation at the European level; the EU General Data Protection Regulation (“GDPR“) came into effect on 25 May 2018 and implemented … Read more

The UK Government recently launched a Call for Views on its Initial National Cyber Security Skills Strategy. The closing date for stakeholder responses is 1 March 2019, with the final strategy document expected to be published late in 2019. Read more