Tag: Cybersecurity

1
Trending: Security as a service
2
A Different Immune System: TGA provides Insight into Cyber Security for Medical Devices
3
Cyber diligence: Study reveals cybersecurity concerns are becoming a critical factor in M&A due diligence
4
US Internet of Things bill advanced to vote on House floor
5
Privacy Awareness Week (Data Breaches): Study finds majority of Australian businesses are ill-equipped to handle cybersecurity incidents
6
K&L Gates Supports Safer Internet Day 2019
7
Encryption bill to give unprecedented power
8
China in breach of cyber-security pact
9
US, Russia and China don’t pledge to fight cybercrime
10
2018 Trends in Cyber-crimes so far…

Trending: Security as a service

By Cameron Abbott and Karla Hodgson

Remember the time when you first heard about cloud computing and it took you a few moments of quiet contemplation before you wrapped your head around the concept of computing being situated “up there”?  Of course today we aren’t surprised to learn that over 80% of enterprise workloads will be in the cloud by next year and that a new wave of cloud-based security as a service (SECaaS) solutions are rolling in to address the forecasted USD $5.2 trillion per year in cybercrime damage that is expected to impact within the next 5 years.

Based on the software as a service (SaaS) model, SECaaS is a cloud-based managed security service that removes the need for businesses to buy and continually upgrade on-premises hardware and software and keep staff upskilled in the ever-shifting world of cybersecurity risk and protection.

Read More

A Different Immune System: TGA provides Insight into Cyber Security for Medical Devices

By Cameron Abbott, Michelle Aggromito and Max Evans

The Australian Therapeutic Goods Administration (TGA) has published its guidance framework dealing with medical device cyber security for manufacturers and sponsors of medical devices, as well as for consumers, health professionals and other users. This is driven by a number of challenges that regulators face to protect users against cyber security risks, including the alteration of device function, loss to privacy and the alteration of personal health data.

The crux of the framework is based on the TGA view that knowledge is power, in that patients using connected medical devices should be informed about the potential cyber security risks those devices have, and take proactive measures to protect their devices and networks.

Read More

Cyber diligence: Study reveals cybersecurity concerns are becoming a critical factor in M&A due diligence

By Cameron Abbott and Rebecca Gill

Unreported data breaches have disrupted several major M&A deals in recent years, such as Marriott International’s merger with the Starwood hotel chain. The growing list of cautionary (and costly) tales appears to be making an impression in the M&A space, as a recent study of IT professionals and business executives by Forescout Technologies has found.

The study queried a total of 2,779 respondents from all over the world, and found that 93% of the respondents viewed cybersecurity evaluations as important to their companies’ M&A decision-making processes. Respondents also ranked a target company’s history of cybersecurity incidents as the second most important factor when performing due diligence on the business, following the company’s financial statements.

Read More

US Internet of Things bill advanced to vote on House floor

By Cameron Abbott and Rebecca Gill

Just a few months ago, we blogged on the ‘Internet of Things’ (or IoT) legislation making an appearance in the US Senate. But now the legislation may be becoming a reality. On Wednesday, the House Committee on Oversight and Reform advanced the Internet of Things Cybersecurity Improvement Act of 2019 to a vote on the House floor.

The bipartisan legislation aims to reduce the risk to critical government information technology infrastructure from cyberattacks, and directs the National Institute of Standards and Technology to develop recommendations for use and management of internet-connected devices by March 31 2020.

Read More

Privacy Awareness Week (Data Breaches): Study finds majority of Australian businesses are ill-equipped to handle cybersecurity incidents

By Cameron Abbott, Rob Pulham and Rebecca Gill

It’s Privacy Awareness Week and today’s topic is “data breaches”. With data breaches and responding to cyber attacks becoming an inevitable part of doing business, it’s a timely reminder about the importance of adequately resourcing your IT security areas, and of having comprehensive and well-tested data breach response plans in place, as illustrated by the Fourth Annual Study on The Cyber Resilient Organization (Study), conducted by the Ponemon Institute on behalf of IBM Resilient.

The Study surveyed 3,655 IT and IT security practitioners in 11 countries and regions, including Australia. The results of the Study indicate that a majority of Australian businesses are vulnerable to cyber-attacks due to a lack of skilled personnel and incident response plans.

Read More

K&L Gates Supports Safer Internet Day 2019

By Cameron Abbott and Wendy Mansell

Today is Safer Internet Day and K&L Gates is a proud supporter of this yearly international event which raises awareness of cyber issues and online safety concerns.

K&L Gates has a strong focus on promoting and advocating for a safer internet through the Cyber Civil Rights Legal Project. This project helps victims of non-consensual pornography known as ‘revenge porn’ by providing pro bono legal assistance to individuals suffering from these cybercrimes.

Revenge porn is a serious invasion of privacy and K&L Gates assists in having the images removed from the internet. This cyber epidemic is taking place around the world and due to K&L Gates global legal presence, these services can be provided to victims internationally.

K&L Gates further supports Safer Internet Day through the working relationship being built with the Office of the eSafety Commissioner,who is responsible for coordinating the event in Australia.

The theme for this year’s event is “Together for a better internet“, which encourages the development of respect, responsibility, reasoning and resilience skills when using the internet. K&L Gates is actively striving for a better internet through focusing on improving online safety and fighting against cybercrimes.

Encryption bill to give unprecedented power

By Cameron Abbott and Wendy Mansell

The Coalition government is attempting to pass large-scale decryption reforms which will give sweeping powers to law enforcement agencies for overt and covert computer access.

The reforms have caused significant controversy as they may force tech companies and communications providers to modify their services, creating “systemic weaknesses” for intelligence agencies to exploit. However many point out these same vulnerabilities may be utilised by criminals.

Further the potential repercussions of these reforms may undermine consumers’ privacy, safety and trust through unprecedented access to private communications. This could have anti-competitive effects, as the reputations of Australian software developers and hardware manufacturers will suffer within international markets.

At the same time, the harsh reality that terrorists and organised crime increasingly utilise these technologies to evade surveillance highlights a very clear problem for law enforcement authorities.

We won’t seek to suggest where the balance between these interests should lie, but the debate rages on. Stay tuned.

China in breach of cyber-security pact

By Cameron Abbott and Wendy Mansell

It has been a fairly turbulent week in the cyber-espionage space following accusations that China’s Ministry of Security Services is behind the surge of intellectual property theft from Australian companies.

The news that the persistent attacks on Australian IP are perhaps a State sponsored campaign by the Chinese government is concerning as it suggests that China are in breach of several international and bilateral agreements.

In 2015, an agreement was made between Chinese President Xi Jinping and former President Obama, that the U.S and China would not steal intellectual property from one another for commercial gain. This was furthered at the November 2015, G20 Summit, where the cyber-theft of IP was accepted as the norm.

Following on from this in September 2017, former Prime Minister Malcolm Turnbull and Chinese Premier Li Kequiang promised that neither country would engage in cyber-theft of intellectual property and commercial secrets.

Reports of cyber-theft declined immediately after these agreements, however in recent months they have ramped up again.

A U.S Trade Representative report released this week confirms that despite any international agreements, China has continued engaging in cyber-espionage and the theft of intellectual property. Further the report states that not only is China likely to be in breach of these agreements, but the attacks have “increased in frequency and sophistication”.

Notably in July of this year, China was linked to the cyber-breach of Australian National University. This attack was particularly disturbing given that ANU is a leading university involved in key areas of Australian technological, scientific, defence and commercial research.  It is fascinating that cyber attacks and theft are a “norm” that is accepted within our overall international relationships.  Physical acts of a similar nature would not be so easily accepted.

US, Russia and China don’t pledge to fight cybercrime

By Cameron Abbott and Wendy Mansell

Fifty countries including Japan, Canada and many EU nations have come together with over 150 tech companies, pledging to fight against cybercrime. United State’s tech giants such as Facebook, Google and Microsoft have also joined the party.

The United States, Russia and China however have decided not to sign on. Each has no doubt very different reasons for this – the disappointment is mostly directed to the US. However it is a shame that Russia and China did not also feel the weight of the international community pressure to accept these principles.

The effort to combat cybercrime is being led by France, with French President Emmanuel Macron claiming that it is urgent that the internet is better regulated.

The countries and companies involved are fighting against illegal online activity like censorship, cyber interference in elections, hate speech and trade secrets theft.

The pledge has been made in a document titled the “Paris call for trust and security in cyberspace”.

2018 Trends in Cyber-crimes so far…

By Cameron Abbott and Colette Légeret

The first half of 2018 has been busy for cyber-criminals and cyber-security alike. According to Trend Micro, cryptocurrency mining detections have jumped 96% in this six month period compared to the total number detected in 2017.

In that same time, over 20 billion threats were blocked by Trend Micro’s Infrastructure, a few billion threats less than in the first half of 2017. Of these threats, less were “spray and pay” ransomware attacks and breaches, as cyber-criminals are flying under the radar with crypto-jacking, along with fileless, macro and small file malware techniques.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.