As the dust starts to settle on the Crowdstrike incident, the focus of concern naturally moves on from the immediate incident response...

The SEC regulates the securities markets in the US, the biggest and most powerful economy on Earth. Surely, therefore, the SEC is one of...

If you pick up any analyst report about cyber risks, you will be told about the increasing and evolving nature of ransom attacks. A while...

The UK National Cyber Security Centre published its latest annual review earlier this week. If you're ever looking for an organisation...

If someone says "security breach", what do you think? Is this a situation where a rogue actor (say a cybercriminal) or a rogue thing (say...

Touch screen devices are great. From a design perspective they get rid of the mechanical buttons that are riddled with wear-and-tear...

The operational shape of cybersecurity in an organisation is critical to its success and legal health. In light of recent developments such

SEC sure SolarWinds and CISO for cybersecurity fraud and controls failings

President Biden’s expansive Executive Order on AI is the latest act in the global jockeying for the leadership position in this area. It...

The security duties for providers of public electronic communications networks and services

Otka breach impacts authentication in cyberspace, raising due diligence and accountability concerns.

The regulatory system for the cybersecurity ecosystem

Operational security builds upon the CIA triad and accidental hazards need controlling as well as malicious and negligent threats.

The Computer Misuse Act is the UK's principal "anti-hacking" legislation. Learn more about cyber-dependent and cyber-enabled computer crimes

We've explored how cryptography can be used to achieve confidentiality through encryption, so let's turn to data integrity. Integrity is...

The detail of security law is found within operational security itself, due to the twinning of the subjects, as explained in Part 1 and...

Symmetric and Public Key encryption for data confidentiality

Supply chain risks and incident response priorities exposed by Equifax cybersecurity data breach fine.

Two factor and multi factor authentication needed for added security and legal compliance

The GDPR is a critical piece of security law requiring end to end security over the full personal data processing lifecycle

The GDPR is meant to be a global gold standard for data protection but compensation is unlikely after a security breach.

When a cybersecurity breach occurs, operational security law will require an appropriate incident response and the priorities can be...

Cybercrime is constantly growing and evolving and the advantage is with the attacker. Better security hygiene reduces the risk of being hit.

If an organisation falls victim to a cyber-attack where the cybercriminal manages to impact information that the organisation holds on...