Cyber Security

Treasury Committee inquiry: IT failures in the financial services sector

The House of Commons Treasury Committee has launched an inquiry into IT failures in the financial services sector. The inquiry will focus on the causes and consequences of operational incidents in the financial services sector and will examine the work … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection & Privacy, Technology

Court of Appeal confirms Morrisons vicariously liable for employee’s deliberate actions in first successful UK class action for data breach

The Court of Appeal has today dismissed an appeal against the High Court’s decision that Morrisons was vicariously liable for its employee’s misuse of data, despite: (i) Morrisons having done as much as it reasonably could to prevent the misuse; … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection & Privacy, Digital, News, UK Law

NIS Directive and Regulations now in force

The EU Network and Information Systems Directive (“NISD”) was required to be implemented into national law by 9 May 2018. The UK implementing regulations (the Network and Information Systems Regulations 2018) (“Regulations”) are now in force. The Regulations impose cyber … Continue reading

Leave a Comment

Filed under Cyber Security

Compliant or not: the GDPR is here

The GDPR came into force on 25 May 2018 and brought with it additional rights for individuals and additional obligations for organisations. It also extends its reach beyond European borders and applies not just to companies within the EEA but … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection & Privacy

Data breaches: new Article 29 Working Party guidance

In anticipation of the GDPR, various guidance has been published by the Article 29 Working Party, the body of national EU data regulators. Of most relevance in the cyber context is the guidance on personal data breach notifications; the Article … Continue reading

Leave a Comment

Filed under Cyber Security, Data Protection & Privacy, GDPR, Guidance

Court makes permanent injunction against unknown parties preventing disclosure of confidential information unlawfully removed from computer

In the cases of Clarkson Plc v Person(s) Unknown (“Clarkson”) and PML v Person(s) unknown (“PML”), the court has created a new tool in the fight against cyber attackers. The defendants who are unknown person(s) gained unauthorised access to the … Continue reading

Leave a Comment

Filed under Cyber Security

National Cyber Security Centre issues guidance on cloud-enabled products

The UK’s National Cyber Security Centre (‘NCSC’) released a set of guidance, ‘Managing the risk of cloud-enabled products,’ at the end of 2017. The purpose of this guidance is to help companies understand and mitigate the risks of cloud-enabled products … Continue reading

Leave a Comment

Filed under Cyber Security, Technology

ECB announces a new European Framework for Threat Intelligence-based Ethical Red Teaming

On 8 May 2018, the European Central Bank (“ECB”) announced the launch of a European framework for testing financial sector resilience to cyber attacks – the European Framework for Threat Intelligence-based Ethical Red Teaming (“TIBER-EU”). The ECB says that the … Continue reading

Leave a Comment

Filed under Cyber Security

Risk of a “Meltdown”? Recent authority guidance and practical tips to mitigate the risk of organisations falling victim to the latest cyber exploits

Significant vulnerabilities that could allow cyber attackers to compromise data have been found in common processors in almost all modern devices. What are “Meltdown” and “Spectre”? The vulnerabilities, known as “Meltdown” and “Spectre”, are two related so-called “side-channel” attacks that … Continue reading

Leave a Comment

Filed under Cyber Security, Technology

Cyber insurance requirements in commercial contracts: getting it right

Cyber incidents have the capacity to cause many different types of loss. Insurance coverage exists for at least some aspects of cyber risks in the UK market. However, given the range and diversity of risks that may arise, there are … Continue reading

Leave a Comment

Filed under Cyber Security