Cyber Security: Law and Guidance

  • Author:
  • Publisher: Bloomsbury Professional (formerly Tottel Publishing)
  • ISBN: 9781526505866
  • Published In: September 2018
  • Format: Paperback
  • Jurisdiction: International (Disclaimer: countries stated herein are used as reference only)

List Price: HKD 1,755.00

HKD 1,702.35 Save HKD 52.65 (3%)

Delivery Time: around 4-5 weeks
Extra 2-10 working days if shipping address outside Hong Kong
Hong Kong: free delivery (order over HKD 1000)

    What is cyber security?

    Cyber security is concerned with both the security of cyber space and the security of entities that use or rely on cyber space. For these purposes, cyber space includes:

    • The internet and the world-wide web.
    • The facilities and apparatus that underpin and connect the internet and the world-wide web (for example, telecommunications, internet access and internet service provision).
    • The facilities and apparatus that support the provision of content available through the internet and the world-wide web.
    • The facilities and apparatus that support data processing and data storage accessible through the internet and the world-wide web (for example, cloud computing services and the supporting infrastructure, such as data centres).
    • Cyber space also includes physical places as well as purely virtual ones.

    Entities that use cyber space need to be cyber secure. However, the regulatory reform process for cyber security in the EU, the US and elsewhere has been very selective about the categories of entities that should carry a statutory duty to be cyber secure.

    Legislation and Regulation

    In February 2013, the European Commission published a proposal for a Directive on Network and Information Security, colloquially known as the NIS Directive or the Cyber Security Directive. The purpose of the Directive is to ensure a high common level of network and information security (NIS) within the EU. In March 2014, the European Parliament voted to adopt an amended version of the Directive. To become law the Directive has to be adopted by the Council of Ministers, which is yet to happen. After it is adopted, the EU member states will have to introduce their own national legislation, to transpose the Directive's requirements into their domestic law.

    In addition to the NIS Directive, the EU has embarked on a variety of law reform initiatives that concern similar subject matter such as:

    • Draft General Data Protection Regulation (GDPR)
    • Draft Payment Services 2 Directive (PSD2)
    • Better Regulation Directive 2009

    Policy and legal developments abroad support the point that the trajectory of the law is broadly the same the world over. The critical point of difference between jurisdictions concerns the introduction of ex ante regulatory frameworks to establish an enforceable duty of care for cyber security. The EU wishes to adopt an ex ante regime, unlike the United States (US), which prefers to use "soft law" mechanisms to achieve its ambitions for cyber security. However, the approach of the UK government is more consistent with the US approach than the EU approach. Where the US and EU are most aligned is on a duty of "breach disclosure", whereby the providers of critical infrastructures and services are required to notify regulatory bodies of serious cyber security incidents.

    Cyber Security: Law and Guidance provides an overview of the key legal developments for cyber security in England and Wales, focusing on the proposed NIS Directive and related legal instruments, including those for data protection and payment services. It also provides insights into how the law is developed outside of regulatory frameworks, by reference to the "consensus of professional opinion" on cyber security, case law and the role of professional and industry standards for security.

    Suggestions are made on how to build a "defensive shield" to protect an organisation from regulatory actions and litigation. With cyber security law destined to become heavily contentious, legal privilege will be an advantage.

    Organisations require expert assistance to operationalise these matters and Cyber Security: Law and Guidance provides this assistance.

  • Chapter 1: Introduction
    Chapter 2: Strategic Context
    Chapter 3: Threats
    Chapter 4: Vulnerabilities
    Chapter 5: The Law
    Chapter 6: Corporate Governance
    Chapter 7: Industries
    Chapter 8: The Legislation Post Brexit
    Chapter 9: International Law
    Chapter 10: The Interaction between States
    Chapter 11: The Information Commissioner
    Chapter 12: Employee Liability and Protection
    Chapter 13: Data Security
    Chapter 14: Data Breaches
    Chapter 15: Litigation and Rules of Evidence
    Chapter 16: Criminal Law
    Chapter 17: Immunity, the Locus and Standing of the Accused
    Chapter 18: How to Mitigate the Losses
    Chapter 19: The Government's National Response
    Chapter 20: Implementation Plan
    Chapter 21: How to Defend
    Chapter 22: Develop
    Chapter 23: International Action
    Chapter 24: Metrics
    Chapter 25: Conclusion
    Appendices: Sample Legal Documents, eg breach of disclosure letters, contractual clauses and policy frameworks