Welcome to the latest edition of Olswang’s Cyber Alert (PDF available here), a regular round up of regulation, best practice and news from our international cyber breach and crisis management team.
Q2 has seen the publication of several major reports into the current threat landscape. In this edition we review:
- the Ponemon Institute’s tenth annual study into the cost of data breaches which gives insight into the measures that can reduce the cost of breaches – and those responses which can actually be counter-productive in terms of cost;
- PwC’s 2015 breaches survey which reveals that one third of businesses are still failing to assess cyber risk; and
- The first annual report of the UK Computer Emergency Response Team with its analysis of the key threats of the past year and its predictions for the year ahead.
In our regulatory radar section, we track the progress of various legislative initiatives including:
- Germany’s adoption of its new IT Security Act;
- the start of trilogue negotiations between the EU institutions E to agree the text of the draft General Data Protection Regulation with the aim of adopting a text by the end of this year; and
- the progress of the draft Network and Information Security Directive, the main principles of which were agreed on 29 June but which has still not been formally adopted and which still lacks clarity over the controversial issue of the extent to which online service providers and social networks will be caught.
Meanwhile, the eagerly-awaited Advocate General’s opinion in the Schrems v Facebook case, which will be pivotal to the status of the US Safe Harbor scheme, due to be published on 24 June, has been delayed. Negotiations between the EU and US to bring the system into line with EU data standards, continue.