Cyber Bytes banner RPC law

Cyber_Bytes - Issue 26

01 December 2020. Published by Richard Breavington, Partner and Rachel Ford, Associate and Ridvan Canbilen, Associate

Welcome to Cyber_Bytes, our bi-weekly round up of key developments in cyber, tech and evolving risks.

What is GDPR’s impact on cyber insurance?

The consensus from sources such as Marsh insurance, the ratings agency Fitch and the Bank of England is that the EU's General Data Protection Regulation (GDPR) is pushing up the demand for cyber insurance. Around one third of the UK's biggest companies have bought cyber insurance, but it is expected that the biggest increase will be seen in smaller businesses. Bigger businesses tend to be able to invest more in cyber security, and can in some cases afford time for better preparation than smaller businesses, who can be affected more if they fall victims of a cyber-attack.

To read more, please click here.

The cyber market could deliver compound annual growth of 26%

Over the next decade the cyber market looks set to achieve market revenue of £53 billion, up from the £4 billion recorded in 2019, according to the 'Cyber Insurance Market Research Report' from Prescient & Strategic Intelligence. The research says growth will come not just from an increasing awareness about cyber risk, but also from governments mandating that firms have robust cyber security and insurance programmes in place.

To read more, please click here.

SRA's Thematic Review on Cyber Security

The SRA's review has shone light on the frequency and potentially significant consequences of cyber crime on law firms. The review found that cyber criminals were successful in their attacks against over three-quarters of the firms targeted. The report found that less than a third of firms held specific cyber insurance, and therefore the SRA are encouraging firms to put suitable measures in place now before it's too late.

To read more, please click here.

Ticketmaster fined for failing to protect its customer's payment details

The Information Commissioner's Office (ICO) has fined the company £1.25 million for failing to put appropriate security measures in place to prevent cyber-attacks on their chat-box function on the online payment page. Their failure to protect their customer's personal data was found to be a breach of the General Data Protection Regulation (GDPR). The cyber fraud began in February 2018 and has since affected 9.4 million customers across Europe.

To read more, please click here.

Manchester United become victims of cyber attack

On Friday 20th November Manchester United's systems were attacked. The club has referred to protocols and procedures being valuable in identifying and containing the breach to protect data. Although the exact details of the attack are currently unknown, 2020 has seen ransomware incidents and "double extortion attacks" (the threat to sell or even auction the encrypted data in the event a ransom is not paid).

To read more, please click here.

COVID-19 attacks on education accelerate cyber security work?

A new report has stated that further and higher education providers are increasing IT security as a result of the current COVID-19 pandemic. This has followed cyber criminals taking advantage of the expansion of home working and scams specifically linked to the pandemic. In September, the National Cyber Security Centre warned that criminals are increasingly targeting education providers and have provided guidance to improve defenses.

To read more, please click here.

Transport Canada sets out to develop vehicle cyber security

Transport Canada (TC) has partnered with the U.S. Department of Transportation's Volpe Center to develop TC's Vehicle Cyber Security Strategy. It looks to specifically focus on the emergence of disruptive technologies relating to autonomous vehicles, electric vehicles and connected vehicles.

To read more, please click here.

Shipowners to take a second look at their cyber security

As of January 2021, it will be mandatory for most shipowners to review their cyber-security. Shipowners will make their own risk assessments about how important cyber risk is to them, which at one extreme could involve some shipowners giving a full overview of all systems on board and involving every department in the company.

To read more, please click here.