Tag:data protection

1
Australian organisations hit by thousands of significant cyber incidents
2
Brexit and Data Protection
3
Yes it can cost you your job…even if you are the boss!

Australian organisations hit by thousands of significant cyber incidents

Oct 17 2016
Browse archives for October 17, 2016
Posted in

Breaches, Managing Threats & Attacks, Privacy, Data Protection & Information Management

Tagged with , , , , , , , , ,
Share

By Cameron Abbott and Rebecca Murray

The Australian Cyber Security Centre’s (ACSC) 2016 Threat Report has revealed that Australian businesses and government have been subject to more than 15,000 significant incidents that they know of. Read the report here. They were the first to admit that given reporting is optional they cannot really determine the full impact.

Due to the current reporting regime, the ACSC has had to rely on data from callouts to CERT Australia (the national first responder to cyber incidents) to assess the extent of the problem in the private sector. CERT Australia responded to 14,804 incidents from the private sector from June 2015 to June 2016. Of those callouts, 418 involved systems of national interest and critical infrastructure. The banking, finance, energy and communications sectors were the most heavily targeted.

While the Government has introduced a bill to mandate serious data breach notification that is set to be passed in the near future (find out more about the bill here), until then, we will continue to go mostly unaware of damaging malicious cyber activity launched against Australian organisations because the private sector largely refuses report these incidents.

Brexit and Data Protection

Jul 20 2016
Browse archives for July 20, 2016
Posted in

Privacy, Data Protection & Information Management

Tagged with ,
Share

Linked article by Andrew W. Gilchrist, Arthur Artinian, Andrew R. Danson, Philip J. Morgan, Daniel L. Clyne

As part of K&L Gates continued coverage of the issues raised by Britain’s exit of the EU (see our dedicated Brexit Hub here), our European colleagues have made an assessment of the post-Brexit landscape with respect to UK’s data protection laws.

Although there will be no immediate impact (given it is expected that it will take at least 2 years before any Brexit is finalised), companies should begin to consider what legal framework may apply in the post-Brexit world. For more information, please see here.

Yes it can cost you your job…even if you are the boss!

May 31 2016
Browse archives for May 31, 2016
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Managing Threats & Attacks, Privacy, Data Protection & Information Management, Report & Surveys

Tagged with , , , , ,
Share

By Cameron Abbott and Giles Whittaker

The CEO of Austrian aerospace parts maker FACC, has been fired following a cyber fraud that cost the company 42 million euros (AUD $65 million). FACC also fired their CFO in February soon after the cyber fraud.

Executives are being held responsible for business’ cybersecurity measures, and while FACC declined to comment on the details of Walter Stephan’s shortcomings, their supervisory board concluded that Walter Stephan had “severely violate his duties, in particular in relation to the fake president incident”. It is likely that this violation is in reference to a lack of adequate cybersecurity procedures or protections, which would be considered essential for most businesses in this technologically integrated era.

So how was it done? The technique used to deceive FACC into handing over their money is known as a ‘fake president incident’. To put it simply, the hackers sent an email to an employee posing as the CEO, and requested that funds be transferred to a specified account for a fake acquisition project. It would appear the board figured it shouldn’t have been that easy.

More information about this cyber fraud can be found in an article by reuters.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.