Last month, Korea passed the world's first cloud-specific law, with the stated aim of driving the adoption of cloud computing in Korea. But what are the practical implications for cloud customers and cloud services providers in Korea? When does it come into force? On 3 March 2015, the Korean National Assembly passed the Act on the Development of Cloud Computing and Protection of Users (Cloud Act). The bill has been under consideration since October 2013. The final version of the Cloud Act is available here (currently only available in Korean). The Cloud Act comes into force on 28th September this year. Before the Cloud Act comes into force, the Ministry of Science, ICT and Future Planning (Ministry) will establish additional rules for cloud services (as explained below). What will it do? The good news for cloud customers and cloud services providers alike is that the Cloud Act aims to promote the cloud market in Korea. The … Continue Reading ››
UK standards and benchmarks
- Cybersecurity guidance for non-executive directors: 25 key questions to ask: Reflecting just how far cybersecurity has now risen up the business agenda, in December 2014, the Department for Business, Innovation and Skills (BIS) issued “Cyber Security: balancing risk and reward with confidence (Guidance for Non-Executive Directors)”.Read our summary of the key issues here.
- Latest FTSE 350 Cyber governance Health Check shows that cyber threat continue to rise up the risk agenda: In January BIS released its second annual review of FTSE 350 companies’ preparedness for potential cyber attacks. The BIS report, entitled “FTSE 350 Cyber Governance Health Check Tracker Report”, revealed a number of interesting trends. Read our summary of the key issues here.
- Revised Cybersecurity Guidance for Businesses: In January the UK government revised and augmented its cybersecurity guidance (originally published in 2012). The revised suite of documents, published jointly by The Cabinet Office, … Continue Reading ››
Last year on this blog we reported on the newly-published ISO 27018 - the first global security standard for cloud services. Earlier this year, we compared ISO 27018 with Singapore’s data protection laws (and others) and showed that ISO 27018 will help cloud customers to comply with these laws when using public cloud services. This month, we blogged on the latest market developments and noted that ISO 27018 is becoming the “go to” standard to help cloud customers to comply with their privacy obligations when using public cloud services. Cloud customers, CSPs and regulators are using (and benefiting from) this new useful standard around the world. We expect this to continue as more companies (and more personal data) move to the public cloud services. With thanks to Matthew Hunter, Olswang Associate in the Singapore office, for his contribution to this article.
Datonomy’s correspondents in Asia take an in-depth look at the new ISO 27018 and evaluate how it can help cloud customers meet the requirements of Singapore’s new Personal Data Protection Act. Back in September I blogged on the then newly-published ISO 27018, the first global security standard specifically applying to cloud services. In this recent post my colleague Daniel Jung and I take an in-depth look at how the new ISO measures up to Singapore’s new PDPA. The article will also be of wider interest to cloud customers and cloud providers as it considers the various ways a cloud provider can demonstrate compliance with the new standard. To read the post, please visit Datonomy’s sister blog Watching The Connectives at this link.