On January 14, 2025, the United Kingdom government published a consultation on ransomware proposing new measures to increase incident reporting and reduce ransom payments (the “Consultation”). The Consultation outlines three objectives in this regard and is open for responses until April 8, 2025. Proposal 1: Targeted Ban on Ransomware Payments The UK government is proposing […]
UK’s National Cyber Security Centre Releases 2024 Annual Review
The United Kingdom’s National Cyber Security Centre (NCSC) has released its Annual Review for 2024. As in prior years, the report covers the UK’s cyber security position, both in terms of threats to the public and private sectors, as well as the country’s readiness to deal with those threats. Unsurprisingly, the NCSC notes that the […]
Forthcoming UK Cyber Security and Resilience Bill to Boost the UK’s Cyber Defenses
In the July 2024 King’s Speech, the UK government announced its intention to introduce a Cyber Security and Resilience Bill (the “Bill”) to improve the UK’s cyber defenses and protect essential public services. The announcement comes as companies and countries increasingly face attacks by cyber criminals and state actors, sometimes disrupting public services and infrastructure. […]
Green Light for the Enforcement of NIS 2 in Limited EU Countries Only
EU Member States had until today, October 17, 2024, to transpose the Network and Information Security (NIS) 2 Directive into their national laws. As Directives are not directly applicable in EU Member States, the EU legislator required all 27 Member States to incorporate into their local laws the requirements of NIS 2 and to make […]
EDPB Adopts Opinion on the Use of Processors and Sub-processors
On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised application of the EU GDPR across the European Economic Area (“EEA”) and is comprised of the heads of the data […]