Cybersecurity

On 26 September 2024, the European Central Bank (ECB) issued a paper which outlines how the European framework for threat intelligence-based ethical red teaming – the TIBER-EU framework – can help Member State competent authorities (NCAs) and financial entities fulfil the threat-led penetration testing (TLPT) requirements in the Digital

On 10 March 2022, the Information Commissioner’s Office (ICO) issued a monetary penalty notice to a professional services firm (the Firm) to the tune of £98,000 for a breach of Article 5(1)(f) of the General Data Protection Regulation (GDPR).

The Firm was the victim of a ransomware attack which it first became aware of on

In response to the growing use of artificial intelligence (AI) by banks, the Hong Kong Monetary Authority (HKMA) has provided guidance to the banking industry on the use of AI applications.  These are high level principles (set out briefly below) which banks are expected to take into account when designing and

The Securities and Futures Commission (the SFC) has issued a circular (the Circular) to licensed corporations (LCs) on the use of external electronic data storage providers[1] (EDSPs) and updated the frequently asked questions on the premises for business and record keeping in light of the Circular.

In addition

It has been 3 months since Australia’s Notifiable Data Breach Scheme (NDB Scheme)[1] came into force and, already, the Office of the Australian Information Commissioner (OAIC) is receiving many notifications of cyber-attacks and other data breaches – both voluntarily and under the NDB Scheme.

We will see even greater awareness