Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: cybersecurity

Posted in Cybersecurity, Internet, Technology

The FTC and Industry Propose Best Practices for IoT Security Updates

How do you ensure that an Internet-connected sensor or device—often inexpensive and designed for lifespans of up to 20 years or more—can be secured against not only the intrusions of today but also those of the future? This question has taken on new urgency as low-cost Internet-connected devices are increasingly being co-opted into massive networks, known as “botnets,” that are … Continue Reading

Posted in Cybersecurity Harriet PearsonPaul Otto

National Association of Corporate Directors Updates Cyber-Risk Oversight Handbook

Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously 28-page document, including four additional appendices. While the use of and compliance with the Handbook is not mandatory, the Handbook is influential in shaping governance practices and thus … Continue Reading

Posted in Cybersecurity, Data Protection & Privacy Mark ParsonsAndrew McGintyJun WeiRoy Zou

China’s revised draft data localisation measures

On 19 May 2017, the Cyberspace Administration of China (the “CAC“) released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures (the “Second Draft Export Review Measures“).

The draft emerged just over a week after public comments closed on the first draft of … Continue Reading

Posted in Data Protection & Privacy Mark Parsons

SFC Proposes Baseline Cyber Security Requirements for Internet Trading

The Hong Kong Securities and Futures Commission (“SFC”) has issued a paper containing proposals to introduce cyber security guidelines under the Securities and Futures Ordinance (the “SFO”) applicable to internet brokers (the “Cyber Security Consultation Paper”). Comments are open through 7 July 2017.

The Cyber Security Consultation Paper reflects a sharpening of focus by the SFC on cyber security issues. … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

Combatting the Massive Wave of WannaCry Ransomware

Major companies, health care organizations and government agencies are facing a wave of cyberattacks involving ransomware that takes control of computers and denies access until a ransom is paid.  These attacks are occurring on a global scale and in some cases are having a significant impact on business and healthcare operations.  The cyberattack has disrupted targets throughout the world from … Continue Reading

Posted in Technology Dr. Christian E. Mammen

Emerging patent law issues: IoT webinar update

On 20 April, Hogan Lovells hosted the second instalment of the 2017 webinar series on emerging issues with the Internet of Things (IoT). This instalment focussed on the potential patent law issues presented by IoT technology.

Dr. Chris Mammen, a partner in Hogan Lovells San Francisco office, considered how these issues can impact companies in the IoT space, and discussed … Continue Reading

Posted in Data Protection & Privacy

State of the Cyber Nation: UK Government Report on Cybersecurity Breaches

On 19 April 2017, the UK Government’s Department for Culture, Media and Sport (DCMS) published a report on cybersecurity breaches and how they affected UK companies in the last year. Headline statistics from the report include:

  • 61% of businesses hold personal data electronically;
  • 46% of all UK businesses identified at least one cybersecurity breach in the past year, rising to
Continue Reading
Posted in Data Protection & Privacy Mark Parsons

China’s Data Localization Measures Open for Comment

On 11 April 2017 the Cyberspace Administration of China published a circular calling for comments on its draft Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures (the Draft Export Review Measures). Public comments are open through 11 May 2017.

The main legislative purpose of the Draft Export Review Measures is to … Continue Reading

Posted in Data Protection & Privacy, Technology Mark Parsons

Asia Pacific Data Protection and Cyber Security Guide 2017

2016 was an eventful year in the Asia-Pacific region, as data protection and cyber security issues increasingly feature in the news headlines in the Asia-Pacific region as they do elsewhere, our annual publication, the 2017 Asia-Pacific Data Protection and Cyber Security Guide provides you with an update on key regulatory developments and emerging trends in data protection and cyber security.… Continue Reading

Posted in Data Protection & Privacy

Privacy and Cybersecurity March 2017 Events

Please join us for our March 2017 Privacy and Cybersecurity Events.

March 2
Privacy Women Showcase
Julie Brill will be speaking at a NY Bar Association event on “Careers in Privacy.”
Location: New York, New York

 

March 14
Connected Car Technologies and Trends
Tim Tobin will speak on “Protecting the Connected Car” at Automotive Megatrends’ Connected Car Detroit
Continue Reading
Posted in Data Protection & Privacy Harriet PearsonPaul Otto

The “Final Final” is Here: NYDFS Cybersecurity Regulations

As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On February 16, NYDFS issued its Final Rules, following the initial proposed rules published in September 2016 and two rounds of feedback via industry complaints and public comment. The Final Rules … Continue Reading

Posted in Data Protection & Privacy Mark Parsons

“Cybersecurity Review” Takes Shape in China

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures”) for public comment: the Draft Measures remain open for comments until 4 March 2017.  The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect on 1 June … Continue Reading

Posted in Policy & Regulation Andrew McGintyMark ParsonsNolan Shaw

China moves to implement security review of network products and services: but leaves foreign investor and manufacturer concerns unanswered

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures (“Draft Measures“) for public comment: the Draft Measures remain open for comments until 4 March 2017. The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect from … Continue Reading

Posted in Data Protection & Privacy

New York Department of Financial Services Cybersecurity Rules Revised and Delayed

The New York Department of Financial Services (NYDFS) just issued major revisions to the cybersecurity regulations for financial institutions that were due to come into effect on January 1, 2017. To allow covered institutions more time to implement the rules, the effective date will now be March 1, 2017, with a series of staggered implementation dates beyond this. There are … Continue Reading

Posted in Data Protection & Privacy Conor Ward

The UK’s Cybersecurity Regulatory Landscape: An Overview

Have you visited our online client cybersecurity resource portal: Ready, Set, Respond? Designed by our cross-practice team of global practitioners to provide in-house counsel with the tools they need to prepare for the inevitable cybersecurity incident and quickly and easily stay up to date on the evolving state of cybersecurity regulation around the world, the portal is regularly updated … Continue Reading

Posted in Data Protection & Privacy Harriet PearsonPaul Otto

US Agencies Release Guidance for Securing the Internet of Things

The Internet of Things continues to draw broad interest from policymakers and regulators around the globe. Following on the heels of a major distributed denial-of-service attack in October 2016 that leveraged potentially millions of compromised IoT devices, members of Congress have sent letters to US federal agencies regarding the risks posed by insecure IoT devices and held a hearing about … Continue Reading

Posted in Internet, Technology, Telecoms & Broadband Wesley Platt

Winnik Forum Panelists Explore Cybersecurity in the Connected World

Hogan Lovells’ Winnik International Telecoms & Internet Forum  explored how the Internet of Things (IoT) may continue to expand the scope of cybersecurity concerns.  Cybersecurity risks for the IoT were previously synonymous with enterprise products.  Now these risks extend to consumer devices, services and applications.

According to cybersecurity leaders attending the forum, the IoT market needs new, market-driven approaches to … Continue Reading

Posted in Data Protection & Privacy Paul Otto

Recap of the OCR/NIST Conference on Safeguarding Health Information

Representatives from government and the private sector discussed the present state of healthcare cybersecurity, and experts discussed practical strategies for implementing the HIPAA Security Rule at the ninth annual “Safeguarding Health Information: Building Assurance through HIPAA Security” conference held from October 19–20, 2016 and co-hosted by the National Institute of Standards and Technology (NIST) and the Department of … Continue Reading

Posted in Data Protection & Privacy, Internet Conor Ward

The G-7 Fundamental Elements of Cybersecurity for The Financial Sector

Cyber risk has been high on the agenda of financial services regulators for some time now. In the UK, the FCA specifically addressed its concerns in its 2015/2016 Business Plan and it has an on-going programme of work which includes working with the PRA and Bank of England on visibility of IT resilience and risks at board level, and with … Continue Reading

Posted in Internet, Telecoms & Broadband

FCC Commissioners Discuss Issues Ranging from LTE-U to Privacy and Cybersecurity

Three Commissioners from the Federal Communications Commission (“FCC”) found areas of both agreement and disagreement in a wide-ranging discussion at the CTIA Super Mobility conference last week in Las Vegas. The discussion among Commissioners Mignon Clyburn, Ajit Pai, and Michael O’Rielly, moderated by CTIA President and CEO Meredith Attwell Baker, covered LTE-U, the Internet of Things, infrastructure, free data, competition, … Continue Reading

Posted in Data Protection & Privacy Julie BrillHarriet PearsonPaul Otto

FTC Highlights How Agency’s Approach to Data Security Aligns with NIST Cybersecurity Framework

The Federal Trade Commission (FTC) recently presented an analysis of how its approach to data security over the past two decades compares with the Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework) issued in 2014 by the National Institute of Standards and Technology (NIST) and strongly endorsed by the White House.

The FTC’s recent blog post on “The NIST Continue Reading

Posted in Data Protection & Privacy

Privacy and Cybersecurity September 2016 Events

September 12
Cybercrime Compliance
Christian Tinnefeld will discuss compliance management requirements relating to new anti-cybercrime regulations at a Financial Experts Association event.
Location: Hamburg, Germany

 

September 15
Data and Business
Scott Loughlin will participate in a breakout session on “Privacy and Cybersecurity: A Big Deal for Big Deals” at the IAPP P.S.R. Conference.
Location:
Continue Reading
Posted in Data Protection & Privacy

HHS Issues New Guidance on Ransomware and HIPAA

The Department of Health and Human Services (HHS) released guidance on July 11, 2016, intended to help the healthcare industry prepare for and respond to ransomware attacks. Specifically, this guidance clarifies: (1) that a ransomware attack is considered a “security incident” under HIPAA, and (2) that a ransomware attack will typically be considered a “breach” by HHS unless entities are … Continue Reading

Posted in Policy & Regulation, Technology Jun WeiSherry GongNolan ShawAndrew McGintyMark Parsons

China’s second draft of the Cyber Security Law continues to propose more stringent regulation of cyberspace

On 6 July 2016, a second draft of the People’s Republic of China Cyber Security Law was released to the public for comment following its second reading by the Standing Committee of the National People’s Congress.  The deadline for submitting comments on the second draft is 4 August 2016.

Given the growing cyber threat globally, the Chinese move towards more … Continue Reading