Standard Post with Image

APRA strengthens its efforts to fight cybercrime

The Australian Prudential Regulation Authority (APRA) has introduced a series of new measures to tackle cyberattacks. Under the new measures, the organisations regulated by APRA need to provide regular tests of their security systems, define clearly their information security roles and implement security controls on their information asset protection systems. Such provisions should establish a swift and effective system to respond to cyber-threats.

For more information click here
Standard Post with Image

Italian Member R&P Legal publishes on recent provisions of the Italian legislator on data protection

PrivacyRules Italian Member R&P Legal law firm, one of the leading law firms in the country, publishes a brief commentary on the recent provisions of the Italian legislator on data protection matters.

The commentary is available, in Italian language, her
Standard Post with Image

Canada’s OPC considers new data protection rules, in particular on online cancellation

The Office of the Privacy Commissioner of Canada (OPC) is considering introducing reforms to enhance online protection of personal data. After an initial consultation in 2016, the OPC launched a public consultation on the reforms proposed. The new rules would grant individuals the legal right to force search engines to de-index web pages and remove certain types of data. Although the implementation of the reforms has not yet been confirmed by the Canadian Commissioner, Canadian companies should follow the issue closely.

Find the Reuters related news here
Standard Post with Image

AEPD publishes new guidelines to ease the GDPR impact

The Spanish Agency for Data Protection (AEPD) has published a “Guide on the Risk Analysis and the Impact Evaluation on Data Protection” during an event with business associations from sectors such as banking, energy, consumer goods, insurance, advertising and tourism and representatives of the public administration. The guidelines explain how to recognize, assess and manage the risks involved in activities requiring the handling of personal information. The documents will also help organisations understand how to manage risks in respect of the GDPR.

Find the related news in Spanish language here
Standard Post with Image

US SEC publishes cybersecurity interpretive guidance

The US Securities and Exchange Commission (SEC) has published long-awaited cybersecurity interpretive guidance. The document will assist public companies in their disclosure activities on cybersecurity risks and incidents. The SEC is now reinforcing and expanding the 2011 guidance with two additional topics: the importance of cybersecurity policies and procedures and the application of insider trading prohibitions in the cybersecurity context.

The Commission Statement and Guidance on Public Company Cybersecurity Disclosures is available here