NIS Directive and Regulations now in force

The EU Network and Information Systems Directive (“NISD”) was required to be implemented into national law by 9 May 2018. The UK implementing regulations (the Network and Information Systems Regulations 2018) (“Regulations”) are now in force.

The Regulations impose cyber security standards on operators of essential services (“OES”) and certain digital service providers (“DSPs”) to help ensure that cyber attacks do not damage the wider economy. Continue reading

Risk of a “Meltdown”? Recent authority guidance and practical tips to mitigate the risk of organisations falling victim to the latest cyber exploits

Significant vulnerabilities that could allow cyber attackers to compromise data have been found in common processors in almost all modern devices.

What are “Meltdown” and “Spectre”?

The vulnerabilities, known as “Meltdown” and “Spectre”, are two related so-called “side-channel” attacks that have been found in central processing chips (CPUs) designed by Intel, AMD (Advanced Micro Devices Inc) and ARM (Advanced RISC Machines Ltd). The issue was recently discovered by security researchers at Google’s Project Zero in conjunction with academic and industry researchers from several countries. Continue reading