Cybersecurity Goes Global: Notes From Today’s IAPP Summit

For our friends and colleagues who do business or are planning to do business abroad, here are a few “bits and bytes” from this afternoon’s “Cybersecurity Goes Global” presentation at the International Association of Privacy Professionals (“IAPP”) Summit in Washington D.C.

Key Developments: Similar to the US’s recently-released “Framework for Improving Critical Infrastructure Cybersecurity” (“FICIS”), the European Union (“EU”) recently issued and is actively working to adopt a uniform framework for its 27 member countries. As in the US, the EU faces challenges in creating a framework that is cost-effective and incentive-driven. However, the EU faces unique challenges as it seeks to harmonize the laws of 27 sovereign states with different concerns and levels of preparedness.

On the Horizon: Though the EU Cybersecurity Strategy has been issued and recommended, it still requires formal adoption by the Council of Ministers and European Parliament. The initial target for adoption was 2015; however, with upcoming Parliament elections and the sheer volume of work that needs to be done bringing EU member countries together, many are predicting that final adoption likely will not occur for several more years.

Unique Concerns: The Panel reminded us that, when doing business internationally, we need to be especially mindful that cyber risks are much broader than identity theft, and your company’s cybersecurity is only as strong as its weakest link. The international community is seeing more and more instances of cyber malfeasance committed to harm people and corporations, as opposed to committing simple fraud. Moreover, many of the most harmful cyber incidents of late resulted from failings of third-party vendors, often without the resources or incentives to implement the security precautions mandated by the owner of the data.

If you are interested in more notes from the IAPP Summit, click here.

Feel free to contact a member of our Data Privacy & Security team if you have questions about data security, privacy or cyberliability issues.

Related Services

For our friends and colleagues who do business or are planning to do business abroad, here are a few “bits and bytes” from this afternoon’s “Cybersecurity Goes Global” presentation at the International Association of Privacy Professionals (“IAPP”) Summit in Washington D.C.

Key Developments: Similar to the US’s recently-released “Framework for Improving Critical Infrastructure Cybersecurity” (“FICIS”), the European Union (“EU”) recently issued and is actively working to adopt a uniform framework for its 27 member countries. As in the US, the EU faces challenges in creating a framework that is cost-effective and incentive-driven. However, the EU faces unique challenges as it seeks to harmonize the laws of 27 sovereign states with different concerns and levels of preparedness.

On the Horizon: Though the EU Cybersecurity Strategy has been issued and recommended, it still requires formal adoption by the Council of Ministers and European Parliament. The initial target for adoption was 2015; however, with upcoming Parliament elections and the sheer volume of work that needs to be done bringing EU member countries together, many are predicting that final adoption likely will not occur for several more years.

Unique Concerns: The Panel reminded us that, when doing business internationally, we need to be especially mindful that cyber risks are much broader than identity theft, and your company’s cybersecurity is only as strong as its weakest link. The international community is seeing more and more instances of cyber malfeasance committed to harm people and corporations, as opposed to committing simple fraud. Moreover, many of the most harmful cyber incidents of late resulted from failings of third-party vendors, often without the resources or incentives to implement the security precautions mandated by the owner of the data.

If you are interested in more notes from the IAPP Summit, click here.

Feel free to contact a member of our Data Privacy & Security team if you have questions about data security, privacy or cyberliability issues.

In Case You Missed It:

  • The Deadline is Approaching Fast on New Data Privacy Laws
    May 6, 2024 | Firm Publication
  • Hüskers Dü Privacy
    April 24, 2024 | Firm Publication
  • Kentucky Gallops into the Privacy Race: Kentucky’s New Consumer Data Privacy Law
    April 15, 2024 | Firm Publication