
Cybersecurity legislation

Implementation and management of personal data security in organizations
Challenges and strategies for the data controller
The data controller ensures the security of the information through technical and organizational measures, contracts with suppliers, and the use of tools such as ISMS. It must also educate staff and respond quickly to incidents.

Legislative changes on cybersecurity: new sanctions and notification obligations
New regulations to strengthen cybersecurity in public administrations and the private sector
New laws toughen penalties for unauthorized access to computer systems and oblige public administrations to notify attacks to the National Cybersecurity Agency within 24 hours, under penalty of heavy fines. Plus, they promote encryption and enhance cybersecurity roles.

An EU step forward against cyber stalking
New EU measures to tackle gender-based violence and strengthen protection for victims
The European Commission has introduced a directive that criminalizes crimes such as cyber stalking and revenge porn, as well as serious abuses such as female genital mutilation. Penalties vary from 1 to 5 years.

Implications and repercussions of the serious cyberattack on the Lazio NHS
Consequences and punitive measures after the ransomware attack that brought the regional healthcare system to its knees
The Privacy Authority has fined LAZIOcrea, the Lazio Region and the ASL Roma 3 a total of 401,000 euros following a ransomware cyberattack on the Lazio healthcare system in 2021, highlighting serious deficiencies in data security.

Appeal for maintaining sovereignty in the European cloud
European ICT industry fighting for cloud certification that guarantees autonomy and data protection
Eighteen companies, including Tim and Aruba, are concerned about the revision of the Eucs certification scheme in Brussels, fearing the omission of vital criteria for European digital sovereignty.

International sanctions for digital espionage linked to China
Punitive measures against cyber-espionage: Chinese entities and individuals targeted by the US and UK
The US and UK have sanctioned a Chinese entity and 2 citizens for cyber espionage against critics and infrastructure. Accused of links to the Chinese government, they targeted politicians and electoral processes. China denies it and demands concrete evidence.

National Cybersecurity Strategies: a boost to Cloud modernization
Toward a resilient digital future: cloud modernization and security for federal agencies
The Biden administration's National Cybersecurity Strategy requires federal agencies to modernize their IT infrastructures, moving to cloud solutions to improve security and efficiency.

Avast fined for illegitimate sale of web data
Fines and restrictions imposed on cybersecurity company for misuse of personal data
The FTC fined Avast $16.5 million for selling users' browsing data without consent. Avast will now have to obtain explicit permissions and delete collected data.

Pact between technology companies against electoral manipulation
Joint technology initiative to preserve the integrity of democratic voting
A group of tech companies have banded together to fight misinformation and protect the integrity of elections by developing technologies to identify and block fake news.

Cyber Resilience Act: updates in the works
Innovations in the IT security landscape: The CRA and its impacts on the digital device market
The EU Cyber Resilience Act introduces new rules for the security of digital products, distinguishing important and critical products and establishing specific compliance processes for each category.

Meta takes on spy software companies
Meta initiatives for the protection of online privacy
Meta has taken legal action against companies that use spy software to violate the privacy of users on its platforms, such as Facebook. Meta's goal is to protect online security.

Tensions and strategies: the TikTok case and US cybersecurity
Data management and cooperation: TikTok between security and privacy
TikTok is facing concerns in the US over data security. It has taken steps to protect privacy, such as limiting access to data and improving transparency. The debate about its use continues.

FTX collapse: the $400 million SIM swapper hit
Technological intrigue and social engineering: the shocking revelation behind the FTX theft
A gang of SIM swappers stole $400 million in cryptocurrency from the FTX exchange, using a cloned SIM. Three main suspects used money laundering techniques to hide the theft.

Australian sanctions against Russian cyber criminal
Punitive measures against those responsible for the attack on Medibank
Medibank hack exposed data of 10M Australians. The government has sanctioned Russian Ermakov, a suspect in the attack, and is strengthening national cybersecurity.

Transatlantic dynamics in cybersecurity
Response strategies and cooperation between the EU and the US in the context of digital security
The article compares cybersecurity strategies in the US and EU, highlighting their focus on resilience and cooperation against cyber threats, with ENISA supporting Europe in analyzing and managing cyber challenges.

Cybercrime in Ukraine: cryptojacking operation dismantled
International operation against illegal cryptocurrency mining
A 29-year-old man who illegally created a million virtual servers to generate cryptocurrencies, earning $2 million, has been arrested in Ukraine. Europol and local police worked together to stop him after reports of suspicious activity.

New EU regulation to strengthen cybersecurity
Impacts and developments of the new EU directive on cyber resilience
The EU has introduced new rules on cybersecurity, creating the IICB to improve resilience against cyber attacks. The Cert-EU has new intelligence and support functions.

Google faces and settles $5 billion privacy dispute
Potential bypass identified in Chrome's incognito mode. Possible solutions
Google has settled a $5 billion legal dispute over the tracking of incognito mode user data on its Chrome browser. One programmer, Jesse Li, discovered how websites can detect whether a user is using incognito mode thanks to the way Chrome handles FileSystem API data. This could be prevented if Google...

International operation dismantles Kingdom Market
The international collaboration leads to the seizure of the servers and the discovery of new investigative leads
German authorities, in collaboration with the USA, Switzerland and Moldova, have busted the virtual darknet black market, Kingdom Market. This portal sold drugs, cybercrime kits and fake documents, accepting payments in cryptocurrencies. The seizure of the servers made it possible to launch investigations...

The EU Commission launches incentives for cybersecurity
Cybersecurity development: from AI enhancement to post-quantum cryptography, EU incentives
The European Commission will invest 84 million euros in six calls to strengthen cybersecurity. These funds are intended to promote artificial intelligence in security operations, strengthen the cyber resistance of SMEs, and facilitate the migration towards encryption systems resistant to quantum...

ALPHV operational disruption: FBI BlackCat ransomware strike
Successful sabotage: FBI and international police forces block the ALPHV criminal network
The FBI, thanks to extensive international collaboration, hacked the infrastructure of the ALPHV criminal network also known as BlackCat, obtaining keys to decrypt data of ransomware victims. The operation blocked approximately $68 million in extortion. Despite this, ALPHV may reorganize under another...

Positive results of the GDPR and request for support from the EDPB
Challenges and prospects: the importance of the GDPR in the European digital landscape
The European Data Protection Board (EDPB) supports the findings of the General Data Protection Regulation (GDPR), but calls for more resources to address future digital challenges. The EDPB plays a key role in ensuring uniform implementation of the GDPR across member states and requires harmonized procedures...

The Porsche Macan and EU cybersecurity legislation
Implications of the new EU rules on cybersecurity: the temporary farewell of the Porsche Macan from the European market
Due to new EU regulations on cybersecurity, Porsche will suspend sales of its Macan model in Europe from 2024. Adapting the SUV to the new standards would be excessively expensive. However, Porsche will present the new, rules-abiding electric Macan in 2025.

Operation EMMA: global effort against bank fraud
Global synergy in the fight against financial cybercrime
The international operation EMMA, supported by Europol, Eurojust and Interpol, intercepted over 10,000 suspicious transactions, arrested more than a thousand people and prevented fraud worth around 32 million euros. The Italian Postal Police has identified 879 "money mules", avoiding fraud worth over...

EU Parliament calls for tighter rules for cloud and AI
DMA regulatory developments: focus on cloud services and artificial intelligence
The European Parliament's Economic Affairs Committee (ECON) sees the importance of regulating cloud services and artificial intelligence in the Digital Markets Act (DMA) to ensure fair competition. There is an urgent need for an acceleration of antitrust procedures, a critical examination of the concessions...

Global blow to cybercrime: a major ransomware network has fallen
Cybercriminal organization busted: a success for global cybersecurity
An international operation has led to the arrest of cyber criminals in Ukraine responsible for ransomware attacks in 71 countries, using advanced malware to extort cryptocurrency payments.

WeChat and Kaspersky apps banned on government devices in Canada
A necessary action to ensure the integrity of sensitive Canadian government data
Canada announced a ban on Tencent and Kaspersky apps on government mobile devices, citing privacy and security risks. WeChat, a popular Chinese app, has been banned due to concerns over its origins. Kaspersky criticized the ban as political.

Joint operation dismantles Ragnar Locker ransomware group
The dangerous ransomware group has fallen: news of an unprecedented international operation
An international operation has led to the arrest of the criminal group responsible for the Ragnar Locker ransomware, known for attacks on critical infrastructure. The action was coordinated by Europol and Eurojust, involving 11 countries including Italy, and sends a clear message to hackers who act with...

Spanish operation against cybercriminals: 34 members arrested
Twist in the investigation: 34 arrests in an operation against cybercrime in Spain
Spanish Police have arrested 34 members of a criminal organization specializing in cyber scams, which stole the data of 4 million people and monetized the data. The scammers posed as delivery companies and energy suppliers, and used insiders to divert goods.

Japan and eight ASEAN nations strengthen cybersecurity collaboration
The creation of a joint defense network between Japan and ASEAN to address cyber threats
Japan and eight ASEAN countries have agreed to collaborate in the area of cybersecurity to counter alleged cyberattacks and strengthen national cyber defense. The commitment was made during the conference in Tokyo.

Tourism Digital Hub: agreements to support 20,000 businesses in the tourism supply chain
A strategic partnership for the innovation and growth of the Italian tourism sector
The Ministry of Tourism and Unioncamere have signed an agreement to involve 20,000 tourism businesses in the Tourism Digital Hub platform. This platform aims to enhance the Italian tourist offer on international markets and encourage the digitalisation of the sector. The tourism strategic plan also includes...

Rohan Massey's role in the tech industry
Massey's key role in cyber breach management and regulatory compliance in the technology sector
The article describes the role of Rohan Massey, partner at Ropes & Gray, in the technology sector. He focuses on regulatory compliance, data management, privacy and cybersecurity. He resolves data protection issues and manages cybersecurity breaches. He also addresses future challenges related to the convergence...

The Pentagon's 2023 strategy: enhance cybersecurity for allied countries and defend critical infr...
The DoD's new strategy for enhancing cybersecurity and protecting critical infrastructure
The US Department of Defense has published a cybersecurity strategy 2023. The main goal is to enhance the capabilities of allied countries and critical infrastructure, defending the nation from cyber attacks. Additionally, the Pentagon has launched programs, such as “Hack the Pentagon,” to improve cyb...

What's new in the National Institute of Standards and Technology's brand new CMF framework
New updates and performance metrics in NIST's Cybersecurity Framework 2.0
The National Institute of Standards and Technology (NIST) has released a draft of the Cybersecurity Framework 2.0. This new version includes new features and focuses on organizational security. Comments will be accepted until 2024.

The new Machinery Regulation and its importance in industrial cybersecurity
The impacts of the Machinery Regulation on the protection of company data and the management of IT risks
The new Machinery Regulation approved by the European Parliament introduces cybersecurity requirements to guarantee the safety of machines. It focuses on new technologies such as artificial intelligence, IoT and robotics. Manufacturers must take measures to protect machines from cyber attacks. Compliance...

New England sees surge in cybersecurity and data privacy class action filings
Rising legal complexities reflect a shift in cybersecurity litigation trends
In 2023, New England has seen a rise in cybersecurity and data privacy class action lawsuits, particularly in Massachusetts. Healthcare, tech, retail, manufacturing, financial services, and professional services are the most targeted industries. Two key trends are multiple copycat complaints from a single...

Wild telemarketing: fine for Tiscali and Comparafacile
Violations of privacy regulations in telemarketing: fines for Tiscali and Comparafacile
Tiscali and Comparafacile were fined by the Privacy Guarantor for abusive telemarketing practices. Tiscali provided incomplete information on customer data retention and sent promotional SMS without consent. Comparafacile contacted people without consent and without providing adequate information. Both...

American sanctions against Trickbot and Conti in fighting cybercrime
The joint US-UK effort against Russian-sponsored cybercrime
The US Treasury Department has adopted new sanctions against the Trickbot and Conti hacker groups, linked to Russian cybercrime. The sanctions target 11 individuals involved in Trickbot, including administrators and programmers. The United States is stepping up efforts to counter the threat of Russian...

Security labels for smart devices: are you willing to pay more for peace of mind?
Vulnerable smart devices are putting consumer security at risk: is a change in approach necessary?
Buyers are willing to pay more for smart devices that provide data security and privacy, according to a new study. However, experts warn that voluntary labels may not be enough and suggest mandatory labeling to prevent manipulation by manufacturers. The White House has announced plans to introduce optional...

The president of the Privacy Guarantor invites Parliament to be cautious in the use of massive surveillance...
Protection of personal data: suggestions from the Privacy Guarantor for responsible surveillance
The president of the Privacy Guarantor, Pasquale Stanzione, has proposed banning the use of IT devices for wiretaps that can modify the content of the host device. The aim is to ensure greater privacy protection and prevent access to information by third parties. The Guarantor also suggested introducing...

Data security remains an ongoing concern for TikTok
TikTok's efforts to improve data protection safeguards and regain user trust
TikTok has taken steps to improve the security of user data, relying on a security company in the United Kingdom. The Clover project will guarantee the protection of European data, respecting the GDPR. By April 2024, data will be stored in three secure data centers. These actions will dispel concerns...

Privacy Guarantor fines company for improper use of the video surveillance system
Biometric video surveillance system and continuous monitoring of the position of accused employees
The Privacy Guarantor has fined a company for the improper use of the video surveillance system, which included fingerprinting and geographical tracking of employees. The company processed worker data without authorization and used biometric data without legal basis, violating the GDPR.

Investigation finds violations by former chairman of Metropolitan District Authority
Uncovering systemic irregularities: an in-depth examination of MDC chairman's unauthorized actions
An investigation reveals that William DiBella, former state senator and MDC chairman, violated agency rules by authorizing unnecessary legal work. Recommendations to prevent such violations in the future have been made.

Enhancing cybersecurity for Market Infrastructure Institutions
Strengthening cyber defenses: safeguarding MIIs from growing threats
This article highlights the importance of dark web monitoring for Market Infrastructure Institutions (MIIs) to combat cybersecurity threats. It discusses the significance of brand abuse and SEBI's comprehensive cybersecurity guidelines in protecting MIIs. By embracing these guidelines, MIIs can proactively...

New SEC rulemaking: everything companies need to know about cybersecurity compliance rules
How to ensure cybersecurity compliance and protect company data
The article explores the SEC's new rules on cybersecurity compliance, with a focus on measures companies must take to protect data. Google Cloud is recommended as a reliable solution for ensuring compliance and offering advanced security services. Preventative measures such as reviewing security policies...

The Digital Services Act (DSA) enters into force: a new landscape for large companies
A revolution in the regulation of the digital sector: all the obligations of large companies according to the Digital Services Act (DSA)
The Digital Services Act (DSA) is new EU legislation that regulates digital services and imposes greater responsibilities on big companies like Meta (formerly Facebook) and Google. Objective: security, transparency and fight against illegal content.

Facebook users have little time to file for data privacy infringement claims
Reserved $725 million to cover complaints from its active users between May 2007 and December 2022
Facebook users run out of time to seek $725 million settlement over data privacy breach. It is essential to submit the application within the set deadline and to provide concrete evidence of the violation. The breach raised data security concerns and highlighted the importance of protecting user privacy....

Tesla sues former employees for disclosing user data to a German newspaper
Lawsuit against former Tesla employees for violation of customer privacy
Tesla filed a lawsuit against two former employees who allegedly disclosed sensitive data of more than 75,000 users to a German newspaper. This invasion of privacy could damage Tesla's reputation and put your safety at risk. The company took the incident seriously and will take all necessary legal steps...

Data Protection Law in India: privacy concerns
Concerns are growing over India's new data protection law
India's parliament has passed a new data protection law, but there are concerns over privacy infringement. The law requires explicit consent for the collection and use of personal data, but critics fear the government could access the data indiscriminately. Additionally, overseas data retention arrangements...

The Ryanair case: the user profiling algorithm considered inadmissible according to Urso
The issue of the use of personal data and the need for regulation to ensure respect for privacy and digital ethics
The use of Ryanair's profiling algorithm is criticized by an expert in the sector for violating privacy and ethical principles. Urso emphasizes the importance of transparent and ethical practices to avoid legal disputes and maintain customer trust.