The legal tools for dealing with a cyber attack
By Phil Hartley
Late last year, a group of information security experts gathered with government officials to hack into the deep intestinal computers of London’s financial district. The purpose of the exercise, dubbed ‘Waking Shark II’, was to test whether the UK’s banks and stock exchanges — that is to say, the UK financial system — could withstand a major cyber-security attack.
While the exercise was just a simulation, real incidents do occur with astonishing frequency. In January this year, for example, Tony Colston-Hayter, who achieved notoriety in the late 1980s as the foppish progenitor of rave, admitted to conspiring to steal £1.3m by taking control of computer systems at a popular UK high-street bank through a surreptitiously placed desktop device.
The exploitation of weaknesses in an organisation’s IT systems can result not only in significant losses through data theft or reputational damage; it also poses a real risk of civil action or regulatory enforcement and fines. Technical and organisational measures to prevent hacking are necessary not only to shore up defences against data breaches, but also a legal obligation under the seventh data protection principle under the Data Protection Act 1998…
Click on the link below to read the rest of the Schillings briefing.
News from Schillings
Briefings from Schillings
The increased use of video as a publishing tool has reputation implications for individuals and businesses alike.
One positive that has come out of the recent wave of uncomfortably private photos being brandished is that not everyone wants to look at them.
Analysis from The Lawyer
ABSs arrived just two years ago but their impact on the profession is already deep. In a pre-Awards debate, our shortlisters discuss the rough and smooth of the transition