Support Centre
Cybersecurity
workspace-icon
Back

Cybersecurity

See all News
10 August 2022

International: First UK-ASEAN ministerial meeting brings Plan of Action for 2022 to 2026

The United Kingdom's Foreign, Commonwealth & Development Office announced, on 4 August 2022, that the first meeting between the UK and the Association of Southeast Asian Nations ('ASEAN') had taken place, on the same date, in Cambodia, and that Minister Amanda Milling and ASEAN foreign ministers had agreed a plan of action for 2022 to 2026.

Public Sector, Cybersecurity,
10 August 2022

Serbia: Poverenik completes inspection of Republic Geodetic Authority following cybersecurity incident

The Commissioner for Information of Public Importance and Personal Data Protection ('Poverenik') announced, on 18 July 2022, that it had completed ex officio inspections in relation to the Republic Geodetic Authority, following the Geodetic Authority's notification that it had suffered from a cyber attack against its information system.

Investigations, Breach Notification - To Authorities, Incident and Breach,
10 August 2022

USA: NIST seeks comment on draft guide on secure enterprise network landscapes

The National Institute of Standards and Technology ('NIST') released, on 5 August 2022, its initial public draft of NIST Special Publication ('SP') 800-215, titled 'Guide to a Secure Enterprise Network Landscapes'.

Cybersecurity,
09 August 2022

International: Japan and Thailand sign MoC on ICT

The Ministry of Internal Affairs and Communications of Japan ('MIC') announced, on 8 August 2022, that it and the Ministry of Digital Economy and Society of Thailand had signed a Memorandum of Cooperation ('MoC') in the field of information and communication digital technology.

Cybersecurity, Information Technology,
09 August 2022

International: Ukraine and Slovenia sign MoU on cyber defence

The State Service of Special Communications and Information Protection of Ukraine ('DSSZZI') announced, on 27 July 2022, that it and the Government Office of the Republic of Slovenia had signed a Memorandum of Understanding ('MoU') in the field of cyber defence. In particular, the DSSZZI highlighted that the key areas of cooperation include:

Cyber Risks and Threats, Cybersecurity,
09 August 2022

International: Ukraine and America sign MoC on cybersecurity

The State Service of Special Communications and Information Protection of Ukraine ('DSSZZI') announced, on 28 July 2022, that it and the Cyber ​​Security and Infrastructure Security Agency of the United States Department of National Security ('CISA') had signed a Memorandum of Cooperation ('MoC') in the field of cybersecurity.

Awareness and Training, Cyber Risks and Threats, Cybersecurity,
09 August 2022

USA: HC3 warns health sector against IoT threats

The Health Sector Cybersecurity Coordination Center ('HC3') of the U.S. Department of Health and Human Services ('HHS') published, on 4 August 2022, an advisory warning for the healthcare sector of the risks posed by Internet of Things ('IoT') devices, and urging it to be proactive in addressing such security risks.

Health and Pharmaceutical, Cyber Risks and Threats, Internet of Things,
08 August 2022

USA: FCC proposes a fine to Q Link for failing to respond to an inquiry on a security flaw

The Federal Communications Commission ('FCC') proposed, on 5 August 2022, a fine to Q Link Wireless LLC for failing to adequately and promptly respond to an inquiry as part of an FCC investigation into an alleged security flaw that may have caused a data breach leading to the unauthorised disclosure of consumers' personal data. 

Investigations, Telecommunications and Electronic Communications, Cyber Risks and Threats, Incident and Breach,
05 August 2022

Japan: DISCO addresses data breach potentially affecting 298,826 customers

DISCO Inc. issued, on 1 August 2022, a second notice in which it addressed a data breach potentially affecting the personal information of up to 298,826 customers. In particular, DISCO confirmed that personal information had been leaked due to unauthorised access.

Breach Notification - To Affected Individuals, Incident Response, Incident and Breach,
05 August 2022

Poland: UODO fines Medical University of Warsaw PLN 10,000 for breach notification failures

The Polish data protection authority ('UODO') announced, on 1 August 2022, decision DKN.5131.34.2021, as issued on 6 July 2022, in which it fined the University Clinical Centre of the Medical University of Warsaw PLN 10,000 (approx.

Enforcement - Other, Enforcement - Penalties, Health and Pharmaceutical, Medical Data, Breach Notification - To Affected Individuals, Breach Notification - To Authorities,
04 August 2022

New York: NYDFS publishes draft amendments to its Cybersecurity Requirements for Financial Services Companies

The New York State Department of Financial Services ('NYDFS') released, on 29 July 2022, its proposed draft amendments to the Cybersecurity Requirements for Financial Services Companies ('23 NYCRR 500'). In particular, the draft amendments would implement several changes, including:

Legal Reform, Financial Services, Cybersecurity,
03 August 2022

Turkey: KVKK announces NeoPets data breach

The Personal Data Protection Authority ('KVKK') announced, on 28 July 2022, a data breach that occurred within NeoPets Inc. In particular, the KVKK highlighted that, in accordance with Article 12(5) of the Law on Protection of Personal Data No.

Protection for Minors, Breach Notification - To Authorities, Cybersecurity, Incident Response,
03 August 2022

EU: ENISA publishes threat landscape report on ransomware attacks

The European Union Agency for Network and Information Security ('ENISA') published, on 29 July 2022, its threat landscape report on ransomware attacks, analysing a total of 623 ransomware incidents across the EU, the UK, and the US for a reporting period from May 2021 to June 2022.

Cyber Risks and Threats, Cybersecurity, Incident Response,
02 August 2022

Saudi Arabia: NCA registration requirement comes into force

The Saudi National Cybersecurity Authority ('NCA') announced, on 25 April 2022, that it had called on entities that provide cybersecurity services, solutions, or products in the Kingdom to register their data through the NCA's website starting Monday 25 April 2022.

Registration, Cybersecurity,
02 August 2022

China: CAC and Indonesian Cybersecurity authority sign cooperation plan

The Cyberspace Administration of China ('CAC') announced, on 29 July 2022, that it had signed a cooperation plan with the National Cyber and Cryptography Agency of Indonesia. In particular, the CAC highlighted the plan aims to deepen cooperation in cyber security capacity building between China and Indonesia.

Supervisory Authority, Cybersecurity,
02 August 2022

Latvia: DVI publishes guide on pseudonymised and anonymised data

The Data State Inspectorate ('DVI') published, on 29 July 2022, a guide on pseudonymised and anonymised data.

Anonymisation and Pseudonymisation, Technical and Organisational Measures,

Global Cybersecurity Laws

Request a jurisdiction

Global Cybersecurity Laws

       
  •         There is a requirement in place.    
    •    
  •         Click to view information for additional detail.    
    •    
  •         There is no requirement in place.    
    title
  • Governing Texts
    Implementation of a framework
  • Training and Awareness
  • Risk Assessments
  • Vendor Management
  • Accountability
    title
  • Data Security
  • Notification of Cybersecurity Incidents
  • Registration with authority
  • Appointment of a security officer
  • Sector Specific
  • Penalties
  • Argentina
  • Australia
  • Bangladesh
  • Belarus
  • Brazil
  • British Columbia
  • Canada Federal
  • Egypt
  • GLBA Safeguards Rule
  • HIPAA
  • Israel
  • Jordan
  • Kazakhstan
  • Kenya
  • Turkey

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

NIS Directive

Request a jurisdiction

NIS Directive

  • There is a requirement in place.
  • Click to view information for additional detail.
  • There is no requirement in place.
    Governing Texts
  • Specific legislation
  • Regulatory authority guidance
    Scope of Application
  • Network and information systems
  • Critical Information Systems
  • Operator of Essential Services
  • Cloud Computing Services
  • Digital Service Providers
    Requirements
  • Security Measures
  • Notification
  • Registration
  • Security Officer
  • Other
    title
  • Penalties
  • Austria
  • Belgium

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

US State Cybersecurity Laws

Request a jurisdiction

US State Cybersecurity

  • There is a requirement in place.
  • Click to view information for additional detail.
  • There is no requirement in place.
    title
  • Governing Texts
    title
  • Scope of Application
    General Requirements
  • Cybersecurity framework
  • Notification
  • Security Officer
  • Other
    Sectoral
  • Insurance
  • Health
  • Financial
    title
  • Penalties
  • Alabama
  • California

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Company

Our Policies

Your Rights

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© OneTrust, LLC. All Rights Reserved.
The materials herein are for informational purposes only and do not constitute legal advice.