An estimated 75% of companies in Belgium were subject to cyberattacks in 2019. In this context, the Belgian government recently implemented the EU Network and Information Systems Directive and established a computer security incident response. In this video, Paul Van den Bulck examines the measures taken to strengthen cybersecurity in Belgium and predicts that bring-your-own devices, fintech, regtech and cryptoassets are potentially at-risk sectors in 2020.
Cyberattacks on public entities and private companies in Mexico look set to grow exponentially in 2020. However, Mexico has no national cybersecurity, so the private sector has instead introduced self-regulatory schemes to try and protect itself against cyberattacks. This video examines the main cybersecurity issues that businesses in Mexico face today, including the recent growth of 'cryptojacking'.
The Cybersecurity Act came into effect in Taiwan in 2019 and introduced new compliance requirements for reporting cybersecurity incidents that affect the telecoms, banking and transport industries in particular. In addition, Taiwan has just finished the first stage of the 5G spectrum option and the security by design of the network will be further developed in 2020. This video discusses the implications of the Cybersecurity Act for businesses as well as 5G network security developments.
Companies are ever more aware of cyber risks, new EU legislation has been introduced in this regard and national authorities have developed improved enforcement activities. As a result, cybersecurity looks set to become a board-level issue across the European Union due to the increased liability and reputational risks for companies. This video discusses the benefits and risks of the digital transformation of business and what companies need to do to protect themselves.
Penalties for data localisation breaches were the highest fines issued by the Russian Government under the Code of Administrative Offences in 2019 and this issue looks set to continue to dominate the cybersecurity space in 2020. This video examines the scope of data localisation requirements, consequences for data privacy breaches and how companies can ensure compliance therewith.
Cybersecurity is being taken increasingly seriously in Switzerland – both by the federal government and medium and large businesses. With the Federal Data Protection Act set to be revised in 2020 and additional measures in this space expected, companies are likely to continue investing significant resources into combating cyber risks in 2020 and beyond. This video discusses some of the key issues that have been affecting the Swiss cybersecurity space in 2019 and what to expect in 2020.
The Chinese government has been cracking down on the unreasonable collection of personal data, introducing a number of new guidelines to ensure compliance in this regard. On the horizon in 2020 is the potential finalisation of the cross-border transfer rules, which – in their current form – impose stringent requirements on affected companies. This video looks at China's recent approach to cybersecurity and what companies should do to ensure compliance.
In Switzerland the general rules on data protection apply to cloud computing and there is no initiative under consideration to enact cloud-specific laws. Data remains with the data owner and is only stored or processed in the cloud on behalf of the data owner. However, data can be viewed by third parties, depending on the contractual and technical safeguards in place.
The Personal Data Protection Act requires a data controller to take all useful precautions regarding the nature of the data and the risks of processing in order to preserve the security of the data and, in particular, to prevent its alteration or damage, or access by non-authorised third parties. However, in certain circumstances government authorities and related bodies can access data stored in the cloud.
Austria has no specific data security rules for cloud computing. However, depending on the data categories involved, specific data-related security regulations may apply. To date, there has not been a homogenous market approach to tackling the risks connected to cloud services, although companies are starting to become aware of the related risks.
In Turkey, cloud computing services are not specifically regulated and 'cloud computing' is not defined. However, the cloud computing business model may be considered to be an electronic communications service under Turkish law, and therefore such service providers may be required to obtain authorisation from governmental bodies.