The legal tools for dealing with a cyber attack
By Phil Hartley
Late last year, a group of information security experts gathered with government officials to hack into the deep intestinal computers of London’s financial district. The purpose of the exercise, dubbed ‘Waking Shark II’, was to test whether the UK’s banks and stock exchanges — that is to say, the UK financial system — could withstand a major cyber-security attack.
While the exercise was just a simulation, real incidents do occur with astonishing frequency. In January this year, for example, Tony Colston-Hayter, who achieved notoriety in the late 1980s as the foppish progenitor of rave, admitted to conspiring to steal £1.3m by taking control of computer systems at a popular UK high-street bank through a surreptitiously placed desktop device.
The exploitation of weaknesses in an organisation’s IT systems can result not only in significant losses through data theft or reputational damage; it also poses a real risk of civil action or regulatory enforcement and fines. Technical and organisational measures to prevent hacking are necessary not only to shore up defences against data breaches, but also a legal obligation under the seventh data protection principle under the Data Protection Act 1998…
Click on the link below to read the rest of the Schillings briefing.
Briefings from Schillings
Nine months after the Defamation Act 2013 came into force, we’re starting to see how the court is dealing with its new provisions.
Alison Sharland has been granted permission to appeal her divorce settlement on the basis that her husband misled her over the true value of the parties’ principal asset.
Analysis from The Lawyer
ABSs arrived just two years ago but their impact on the profession is already deep. In a pre-Awards debate, our shortlisters discuss the rough and smooth of the transition