Cybersecurity
The United Kingdom's Foreign, Commonwealth & Development Office announced, on 4 August 2022, that the first meeting between the UK and the Association of Southeast Asian Nations ('ASEAN') had taken place, on the same date, in Cambodia, and that Minister Amanda Milling and ASEAN foreign ministers had agreed a plan of action for 2022 to 2026.
The Commissioner for Information of Public Importance and Personal Data Protection ('Poverenik') announced, on 18 July 2022, that it had completed ex officio inspections in relation to the Republic Geodetic Authority, following the Geodetic Authority's notification that it had suffered from a cyber attack against its information system.
The National Institute of Standards and Technology ('NIST') released, on 5 August 2022, its initial public draft of NIST Special Publication ('SP') 800-215, titled 'Guide to a Secure Enterprise Network Landscapes'.
The Ministry of Internal Affairs and Communications of Japan ('MIC') announced, on 8 August 2022, that it and the Ministry of Digital Economy and Society of Thailand had signed a Memorandum of Cooperation ('MoC') in the field of information and communication digital technology.
The State Service of Special Communications and Information Protection of Ukraine ('DSSZZI') announced, on 27 July 2022, that it and the Government Office of the Republic of Slovenia had signed a Memorandum of Understanding ('MoU') in the field of cyber defence. In particular, the DSSZZI highlighted that the key areas of cooperation include:
The State Service of Special Communications and Information Protection of Ukraine ('DSSZZI') announced, on 28 July 2022, that it and the Cyber Security and Infrastructure Security Agency of the United States Department of National Security ('CISA') had signed a Memorandum of Cooperation ('MoC') in the field of cybersecurity.
The Health Sector Cybersecurity Coordination Center ('HC3') of the U.S. Department of Health and Human Services ('HHS') published, on 4 August 2022, an advisory warning for the healthcare sector of the risks posed by Internet of Things ('IoT') devices, and urging it to be proactive in addressing such security risks.
The Federal Communications Commission ('FCC') proposed, on 5 August 2022, a fine to Q Link Wireless LLC for failing to adequately and promptly respond to an inquiry as part of an FCC investigation into an alleged security flaw that may have caused a data breach leading to the unauthorised disclosure of consumers' personal data.
DISCO Inc. issued, on 1 August 2022, a second notice in which it addressed a data breach potentially affecting the personal information of up to 298,826 customers. In particular, DISCO confirmed that personal information had been leaked due to unauthorised access.
The Polish data protection authority ('UODO') announced, on 1 August 2022, decision DKN.5131.34.2021, as issued on 6 July 2022, in which it fined the University Clinical Centre of the Medical University of Warsaw PLN 10,000 (approx.
The New York State Department of Financial Services ('NYDFS') released, on 29 July 2022, its proposed draft amendments to the Cybersecurity Requirements for Financial Services Companies ('23 NYCRR 500'). In particular, the draft amendments would implement several changes, including:
The Personal Data Protection Authority ('KVKK') announced, on 28 July 2022, a data breach that occurred within NeoPets Inc. In particular, the KVKK highlighted that, in accordance with Article 12(5) of the Law on Protection of Personal Data No.
The European Union Agency for Network and Information Security ('ENISA') published, on 29 July 2022, its threat landscape report on ransomware attacks, analysing a total of 623 ransomware incidents across the EU, the UK, and the US for a reporting period from May 2021 to June 2022.
The Saudi National Cybersecurity Authority ('NCA') announced, on 25 April 2022, that it had called on entities that provide cybersecurity services, solutions, or products in the Kingdom to register their data through the NCA's website starting Monday 25 April 2022.
The Cyberspace Administration of China ('CAC') announced, on 29 July 2022, that it had signed a cooperation plan with the National Cyber and Cryptography Agency of Indonesia. In particular, the CAC highlighted the plan aims to deepen cooperation in cyber security capacity building between China and Indonesia.
The Data State Inspectorate ('DVI') published, on 29 July 2022, a guide on pseudonymised and anonymised data.
Global Cybersecurity Laws
Global Cybersecurity Laws
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- title
- Governing Texts
- Implementation of a framework
- Training and Awareness
- Risk Assessments
- Vendor Management
- Accountability
- title
- Data Security
- Notification of Cybersecurity Incidents
- Registration with authority
- Appointment of a security officer
- Sector Specific
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
NIS Directive
NIS Directive
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- Governing Texts
- Specific legislation
- Regulatory authority guidance
- Scope of Application
- Network and information systems
- Critical Information Systems
- Operator of Essential Services
- Cloud Computing Services
- Digital Service Providers
- Requirements
- Security Measures
- Notification
- Registration
- Security Officer
- Other
- title
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
US State Cybersecurity Laws
US State Cybersecurity
- There is a requirement in place.
- Click to view information for additional detail.
- There is no requirement in place.
- title
- Governing Texts
- title
- Scope of Application
- General Requirements
- Cybersecurity framework
- Notification
- Security Officer
- Other
- Sectoral
- Insurance
- Health
- Financial
- title
- Penalties
Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in