Tag Archives: GDPR

The latest round up of legal and regulatory developments and other news on cybersecurity from the Datonomy blogging team at Olswang LLP. UK policy and regulatory developments
  • PwC has released its 2015 Information security breaches survey, conducted on behalf of the Department for Business, Innovation and Skills.  Some of the key findings from the report include:
    • There has been an increase in the number of large and small organisations suffering security breaches (90% of large organisations reported that they suffered a security breach – up from 81% in 2014);
    • For large organisations, the median number of security breaches for a year was 14;
    • The average cost of the worst single breach suffered by large organisations has more than doubled (from £600k to £1.46m);
    • Despite this increased severity, employee vigilance appears not to be improving as the 50% of the worst breaches suffered were attributed to inadvertent human error (up from 31% in 2014).
  • On the back … Continue Reading ››
The latest round up of regulatory news from the Datonomy blogging team at Olswang LLP. Reports and statistics  The Ponemon institute has published its 10th annual benchmarking study into the Cost of Data Breach for the US. Headline statistics, which drew on a sample of 62 US companies in 16 sectors, include the following:
  • $6.5m is the average total cost of data breach
  • 11% increase in total cost compared to last year
  • $217 is the average cost per lost or stolen record (up 8%)
  • Malicious or criminal attacks continue to be the primary cause of breach, and these were also the most costly breaches.
Olswang will provide further coverage of the latest Ponemon findings in its Q2 Cyber Quarterly . UK policy and regulatory developments
  • CERT-UK: CERT’s latest weekly update is available here and highlights the risk from phishing attacks launched by means other than email (e.g. text and instant messaging apps) along with … Continue Reading ››
Datonomy will be taking a short break over the upcoming UK bank holiday, so here is this week's round up of legal and regulatory developments and other news on cybersecurity from the Datonomy blogging team at Olswang LLP, a little sooner than usual. UK policy and regulatory developments
  • CERT-UK has published its first annual report detailing the major pieces of malware that have operated in the UK over the last year (spread by criminal groups and nation states), a sector breakdown, a review of the Cyber Europe 2014 programme and the Cyber Security Information Sharing Partnership (CiSP), in addition to six predictions for 2015/2016, that include:
    • The supply chain will be hit hard (following supply chain weaknesses exploited in the attacks on US companies JP Morgan, Target and Home Depot, the threat is expected to cross the Atlantic this year) ;
    • Mobile devices will be a single point of failure for business and … Continue Reading ››
The latest round up of legal and regulatory developments and other news on cybersecurity from the Datonomy blogging team at Olswang LLP. UK policy and regulatory developments
  • The Department for Business, Innovation and Skills has announced the addition of two more participating companies to the cybersecurity supplier to government scheme.  The NCC Group and Perspective Risk Ltd can now advertise themselves as companies supplying a cybersecurity product to the UK government and use the government’s logo in marketing materials in order to increase the UK’s cybersecurity exports.
EU policy and regulatory developments
  • Network and Information Security Directive (NISD): There is a frustrating dearth of information in the public domain about the latest progress on the NISD. The EU Council’s Consilium website page on the Directive has been updated with the following report: A third trilogue meeting took place on 30 April 2015. Although progress was made during the trilogue, important differences remain between the … Continue Reading ››
The latest round up of legal and regulatory developments and other news on cybersecurity from the Datonomy blogging team at Olswang LLP. UK policy and regulatory developments
  • Election special: It will be interesting to see what the new Conservative Government means for cybersecurity. The Conservative manifesto pledged to continue investment in cyber defence capabilities and improve response to cyber crime with reforms to police training (including the use of volunteer  “Cyber Specials”).  Datonomy will be looking out for new policy announcements - the state opening of Parliament and the Queen’s Speech will be on 27 May.  In terms of ministerial appointments which may have a bearing on cyber policy, these include: Matt Hancock, who has replaced Francis Maude as Minister for the Cabinet Office, Oliver Letwin who is in overall charge of the Cabinet Office and Sajid Javid, the new  Secretary of State for Business, Innovation and Skills.
  • On 7 May the … Continue Reading ››
The latest round up of legal and regulatory developments and other news on cybersecurity from the Datonomy blogging team at Olswang LLP. EU policy and regulatory developments
  • Network and Information Security Directive (NISD): the Council is reported to be meeting today (27 April) to discuss its position further, and the next trilogue is reported to be taking place on Thursday, 30 April.  The Council has publicised two new documents relating to the draft on its website, dated 1 and 17 April.  These are entitled, respectively, State of Play and  “Presidency’s proposal on the way forward”.  Frustratingly, they have not yet uploaded and do not appear to be in circulation in the public domain.  On 24 April, the MLex Service (subscription only) carried a helpful report explaining the latest twists and turns on negotiations over the controversial issue of whether key internet services should be subject to the Directive. According to MLex, two … Continue Reading ››
With cyber attacks now routinely in the headlines, with the global cost of cybercrime estimated at $400 billion for this year and with governments responding with a host of counter-measures, The Datonomy team  is launching a weekly round-up to help you stay up to date the latest legal, regulatory and news developments from around the world. Given the inextricable link between data privacy and cybersecurity, we hope that Datonomy’s growing readership  will find this update useful. We look forward to hearing your comments, and welcome news and updates from Datonomy readers  around the globe. UK developments
  • Cyber security was again front page news last week with the announcement by the UK and US that they will stage cyber attack war games, initially in the financial services sector, and improve the exchange of cyber intelligence between the two powers – read the BBC’s coverage here. In related news, twelve UK cyber … Continue Reading ››