EU strengthens anti-hacking laws
European Union members including the UK have launched a new regime that imposes EU sanctions on cyber-security attackers as part of a fresh effort to counter the threat of organised crime and state-sponsored cyber-attacks.
An agreement signed on 17 May in Brussels, gives the UK and the EU rights to impose tough sanctions on players behind cyber-attacks.
Confirming the development, the European Council said it will act on any external threat to the EU or its member states "including cyber-attacks against third states or international organisations".
The official announcement from the UK government said the move is aimed at hostile actors who have been "threatening the EU’s security" by disrupting critical infrastructure, attempting to undermine democracy and stealing commercial secrets and money worth billions of Euros.
"We can now impose tough sanctions on those responsible for malicious cyber-attacks. Trying to interfere in other countries’ democratic processes is becoming normalised," UK Foreign Secretary Jeremy Hunt tweeted. "Russia please note and take heed."
The proposed sanctions include travel bans and asset freezes "against those we know have been responsible for this," the UK announcement said.
The move comes at a time when the UK is facing the contentious issue of whether to include Chinese telecom major Huawei in building its 5G telecoms network.
Moreover, Brexit has cast a shadow of uncertainty on the data protection norms followed by the UK. As with all the EU-related agreements, the UK will have to establish which EU regulations it complies with, with the General Data Protection Regulation (GDPR) now accepted as a benchmark.
It was reported earlier that the UK data protection authority has been urging companies to prepare for a no-deal Brexit to make sure that the data flows from Europe are uninterrupted.
The latest decision for coordinated action against cyber-security threats throws up several logistical and administrative questions, particularly as more companies migrate to cloud computing.
Close to two-thirds of small and medium businesses (SMBs) consider that the current measures to protect their data in the cloud are inadequate according to cyber-security firm IS Decisions.
A research report published by IS Decisions last week shows that 29 per cent of SMBs have suffered a breach of files or folders since moving to the cloud for storage.
"Almost a third (31 per cent) said that since moving to the platform, detecting unauthorised access has become much more difficult, and 22 per cent admitted that hackers have gained external access using an employee’s login credentials," said the firm.
Data sovereignty was a major issue with the report citing how organisations offered the chance to migrate to cloud computing often questioned whether their data stored on a server outside of their home country would be subject to a different set of laws.
Industry: Cyber Security News
- ISO27001 Information Security Consultant
- Up to £60,000
Information Security Consultant with ISO27001 audit and advisory experience is needed for a client facing opportunity with a Cyber Security company in London. Experience with ISO27001 is essential. Activities of the role will include, but not be limited to providing advice to clients, Gap analysis, Risk assessment, analysis, ISO27001 Audits. Experience taking a client through to iso 27001 certification is highly desirable. This Cybersecurity consultancy, who are dedicated to improving and investing in their client's businesses and employees careers, are looking for a security consultant due to expansion. All the training and development will be provided to help them specialise into the PCI industry / Security advisory industry. Ideal certifications ISO27001 Lead Auditor, ISO 27001 Lead implementer, PCI ISA. Aspiring PCI QSA. Other certifications such as CISSP, CISM or CISA are beneficial to have but not required. The ability to SC Clearance is essential. MUST be UK based and realistically able to commute to London. Structured career path, technical training, diverse and interesting clients available. (ISO70001 Lead Auditor, ISO 27001 Lead implementer, PCI ISA. Aspiring PCI QSA, ISO27001 Information Security Consultant) Contact me on email@example.com or 07884666351 or 02086634030 Ref: CH7514
- Google Cloud Data Engineer
- Up to £650 Per Day
Google Cloud Data Engineer London Up to £650 Per Day Duration: 3 months (Potential to extend) We are currently working with a leading Google Cloud partner who are currently looking for a Google Cloud Data Engineer in London. The Google Cloud Data Engineer will be responsible for a new, on-site project (start to finish) designing and implementing a data cataloguing platform using Google Cloud. Current Experience Required Google Cloud Data Analytics (Data Engineering, Data Mining, Data Cataloguing etc.) Cloud PUB / SUB Ref: PG7512
- Professional Services Security Engineer
- United Kingdom
Professional Services Security Engineer with current checkpoint experience is needed for the UK focused client facing implementation/migration, configuration position. The role will be utilising the latest versions of Checkpoint, so someone accredited with either CCSA or CCSE, on at least version R80 is ideal. The Professional Services Security Engineer must have current technical implementation experience using Checkpoint, however, I would look at someone with strong firewalling experience around other vendors such as Palo Alto and Fortinet. Being a multi-vendor professional services business, there is scope for this person to receive training and experience within other vendors. This is a UK wide role, the company in question has 2 offices across the UK, however, there is scope for this person to be home based when not on client site. Vendor training and exposure actively promoted.
- eDiscovery / Forensic Consultant, London, £65,000
Senior eDiscovery / forensic consultant needed to join a business is recognised for helping top tier clients across eDiscovery, Forensics, Incident Response, Advisory etc. Known the for quality, consistency of work throughout the world. This individual MUST be London based, client facing with deep technical hands on experience with eDiscovery / forensic tools, techniques and best practice. Hands on experience using Relativity is essential. The position is split between engaging with client stakeholders to provide consultancy, technical engaging to identify, preserve, collect, process, review and produce electronically stored information in litigation and manage / provide support for the other internal business functions. This will include, but not be limited to; manging client engagements, collecting / processing data within Relativity, delivering / providing guidance customisation on reports, advising clients. Any of the following certifications are highly desirable. • Relativity Certified Administrator (RCA) • Relativity Processing Specialist • Relativity Analytics Specialist Travel to client site will be involved. Fluency in multiple European languages is highly desirable. All details kept in the strictest of confidence. Contact me on Chris.firstname.lastname@example.org 07884666351 or 02086634030