The UK Department for Culture, Media and Sport recently released a statement on cyber security, in which it urged businesses to take better care to protect against cyber criminals. This statement follows publication of its Cyber Security Breaches Survey 2016, which revealed that two-thirds of large businesses had suffered a cyber attack in the preceding year, and that the majority of such attacks involved viruses, spyware or malware. The survey also found that more than half of the top FTSE350 companies regarded cyber attacks as being the biggest threat to their business.

The costs associated with cyber attacks can be significant, often running into millions of pounds. The government advises that many such attacks could be avoided by implementing its cyber essentials scheme, which offers UK businesses of all sizes guidance on protection against cyber threats. One in four of the firms that had experienced cyber attacks encountered an attack at least once a month, yet the survey found the implementation of prevention strategies and contingency plans to be very rare.
Continue Reading Cyber Security Takes Centre Stage in UK Government’s Strategy

The Council of the European Union adopted the EU Network and Information Security (NIS) Directive (the ‘Directive’) 17 May, ready for final adoption by the European Parliament. The Directive, initially proposed in 2013, has been progressing through the EU legislative procedure for some time. As we reported in December last year, the Directive covers

As the technology world is on the upswing, organizations may be at an increased risk for data breaches and cybersecurity incidents. “The Office of the Comptroller of the Currency examiners will be using the agency’s new Cybersecurity Assessment Tool in conjunction with information security and operational risk supervisory activities to determine an institution’s ability to

U.S. tech giants, like Google and Facebook, found themselves caught between the European Parliament and the European Commission as disagreements continue as to whether Internet service providers should be included within the definition of ‘market operators’ in the Proposed Directive on Network and Information Security (IP/13/94) (the ‘Directive’). Currently, the EU Commission would like to see both search engines and social networks included, whereas the European Parliament prefers a common European framework focusing on critical infrastructure only, such as financial services and power stations.

The EU Parliamentary view is that broadening the scope of the Directive risks undermining the aim of the law which is to protect key or critical services, whereas including ISPs, and as a consequence some U.S. tech giants, would require the tech giants to report global cyber attacks to each of 28 member states’ respective regulators. Those arguing against ISP inclusion argue that they are already highly regulated, and that many of the requirements contained in the proposed Directive are already provided for by commercial contracts and service level agreements, and that the introduction of additional legislation would create added complexity and have a negative impact on innovation within the tech industry.
Continue Reading Tech giants caught between EU disagreements on scope of Proposed Network and Information Security Directive

On 23 June, the UK government introduced a new online cyber security training course designed to assist the procurement profession to stay safe online.

After a recent government survey found that half of the worst breaches were caused by human error, the government aims to increase awareness and help organisations reduce risk. The course, freely available online, has been designed to help persons in the procurement industry protect themselves, their businesses and their suppliers from cyber attack.
Continue Reading UK offers improved cyber security training to boost procurement profession

The oracle of Silicon Valley, Mary Meeker – a partner at Kleiner Perkins – just published her highly anticipated 2015 Internet Trends Report.  Meeker’s report is the ultimate compilation of essential technology statistics, and is one of the most widely read and respected insights into the future of the Internet and technology trends.

Encompassing everything from smartphone penetration to drones, messaging apps to India as the next Internet penetration growth market, Meeker, in 197 slides, does a deep dive into technology trends and provides an optimistic future for growth, especially in education, government and health care.

The entire report is well worth the time to read, but below we have highlighted some of the key takeaways.
Continue Reading Into the Future

This post was also written by Frederick Lah.

The concept of “reasonableness” is found throughout the law and tends to develop slowly through the common law in a variety of geographies and commercial contexts. This uneven and unpredictable development of case-by-case rulings ultimately provides resilient standards, but at a great interim cost of uncertainty and