Archive: December 2018

1
Cybersecurity: location, location, location
2
Encryption bill to give unprecedented power
3
Marriott Hotel – time to change your passwords!

Cybersecurity: location, location, location

Authors: Cameron Abbott and Sara Zokaei Fard

According to a report published by BitSight on 4 December 2018, “Are the New European Cybersecurity Regulations Working?”, Europe is one of the only exceptions to a global decline in security performance. There are regular occurrences of cybersecurity compromises around the world, with some sectors such as Technology consistently performing weaker than others. Companies in the Finance sector continue to be the world’s strongest cybersecurity performers, due to their high regulative overlay. While “continental cybersecurity performance continues to decline”, in Europe, cybersecurity performance is improving to an extent unlike any other continent in the world.

The General Data Protection Regulation (GDPR) officially went into effect in the European Union in May 2018. The GDPR is a landmark European Union law, that sets significant punitive fines at up to 4% of global revenue if organisations do not implement a broad set of cybersecurity requirements in certain circumstances. In the months following the implementation of the GDPR, European security performance has consistently improved and now significantly surpasses all other continents. In this same time frame, Oceania’s cybersecurity performance has spiralled downwards.

BitSight states “the chorus for GDPR-style regulation is growing internationally”. The statistics certainly support this.  However others argue that countries like the US demonstrate significant competitive advantage in developing highly valuable big data and social media intellectual property because of the lower regulatory environment encouraging innovators.  The value to economies of these industry segments is significant.

Encryption bill to give unprecedented power

By Cameron Abbott and Wendy Mansell

The Coalition government is attempting to pass large-scale decryption reforms which will give sweeping powers to law enforcement agencies for overt and covert computer access.

The reforms have caused significant controversy as they may force tech companies and communications providers to modify their services, creating “systemic weaknesses” for intelligence agencies to exploit. However many point out these same vulnerabilities may be utilised by criminals.

Further the potential repercussions of these reforms may undermine consumers’ privacy, safety and trust through unprecedented access to private communications. This could have anti-competitive effects, as the reputations of Australian software developers and hardware manufacturers will suffer within international markets.

At the same time, the harsh reality that terrorists and organised crime increasingly utilise these technologies to evade surveillance highlights a very clear problem for law enforcement authorities.

We won’t seek to suggest where the balance between these interests should lie, but the debate rages on. Stay tuned.

Marriott Hotel – time to change your passwords!

Authors: Cameron Abbott and Keely O’Dowd

 On Friday, 30 November 2018 the Marriott Hotel announced that it had suffered a data breach, we are all getting a little numb to large breaches but this one is one of the biggest in recent times.

The Marriott revealed that over a four year period, up to approximately 500 million guests who made a reservation using the Starwood reservation system for a hotel within the Marriott umbrella on or before 10 September 2014 may have had their data compromised. For approximately 327 million guests, information that may have been comprised includes a combination of name, address, phone number, email address, password, Starwood Preferred Guest account information, date of birth, gender, payment card numbers, arrival and departure information, reservation date and communication preferences.

Most hotel booking/POS systems have been attacked in recent years and these attacks have proven difficult to detect and trace through to understand the impact, it takes time and significant resources.  If you have used the Starwood reservation system – it is a good time to change the password and update passwords anywhere else you use those same or similar credentials.

Copyright © 2018, K&L Gates LLP. All Rights Reserved.