Connected – March 2024
Written By
Associate
Germany
I am a seasoned attorney situated at the Bird & Bird Düsseldorf office, with a specialisation in cybersecurity and data protection law, and a co-head of the Bird & Bird International Cybersecurity Steering Group.
This issue has been edited by Dr. Natallia Karniyevich with contributions from the Regulatory & Public Affairs team.
In this Connected Edition, we focus on cybersecurity. In a digital landscape that evolves at an unprecedented pace, staying informed about the latest cybersecurity developments is not just an option – it is a necessity. This edition brings you the cutting-edge updates from across the globe, with a spotlight on Australia, China, Finland, the European Union, and the United Kingdom. We dive deep into the heart of cybersecurity policy reforms and groundbreaking legal developments that are setting new standards in the digital world.
SIGN-UP TO RECEIVE THIS MONTHLY NEWSLETTER BY CLICKING HERE
Australia: Decoding the future of Australian critical infrastructure: The Australian Government’s 2023-2030 Cyber Security Strategy
The Australian Federal Government has set itself the ambitious target (in its 2023-2030 Australian Cyber Security Strategy) to see Australia as a global leader in cyber security and the most cyber secure country on Earth by 2030. The Strategy incorporates establishing a Cyber Incident Review, streamlining incident reporting to Government and regulators (including mandatory ransom payment reporting), reviewing data retention requirements in legislation and amending the Security of Critical Infrastructure Act 2018 (Cth) (SOCI Act).
For more information, please contact Hamish Fraser, Belyndy Rowe and Mia Herrman.
China: Draft Incident Reporting Regulation
On 18 December 2023, the Cyberspace Administration of China (“CAC”) publicly released the Cybersecurity Incident Reporting Management Measures (Draft for Comments) (“Measures”), providing detailed guidance for reporting cybersecurity incidents.
For more information, please contact James Gong, Harry Qu.
Commission Recommendation on secure and resilient submarine cable infrastructures
When Britain entered World War I, among its first actions was cutting the subsea cables connecting Germany with France, Spain and North America. This forced Germany to rely on radio transmissions that were interceptable by British naval intelligence. More recently, on 5 March 2024, AP reported that three subsea cables in the Red Sea have recently been cut, mentioning speculation that this may have been caused by the Yemenite Houthi movement.
For more information, please contact Valerian Jenny.
New UK product security rules for connected products go live in April
The UK’s new product safety requirements for connected products will apply from 29 April 2024 and all businesses in the supply chains of these products need to be compliant with the legislation from that date, where they act as manufacturers, importers or distributors. These requirements are set out in the Product Security and Telecommunications Infrastructure Act 2022 ("PSTI Act"), which is supplemented by Regulations. The PSTI Act is split into two parts, with Part 1 the relevant law on the new security requirements for "connectable products".
For more information, please contact Matthew Buckwell, Rory Coutts.
Stricter cybersecurity rules to apply to products
While much political attention focused on the intense negotiations on the AI Act at the end of last year, another important piece of legislation was also moving towards the finish line. On 27 November 2023, European parliamentarians and the Council struck a provisional deal on the Cyber Resilience Act (CRA), which will introduce new cyber security and cyber resilience obligations to protect digital products in the EU from cyber threats.
For more information, please contact Dr. Natallia Karniyevich, Feyo Sickinghe, Berend Van Der Eijk .
Space security: Best practices for a connected world
Space systems play a critical role in our interconnected world. From enabling global communication and precise navigation to advancing weather forecasting and scientific research, in many instances these systems are the backbone of our technological infrastructure. The growth of satellite solutions for IoT purposes and the recent surge in direct-to-device networks underscores how satellite technology is embedded in the future of communications and connectivity. As these systems become more complex and satellites increasingly support global connectivity for things, the exposure of satellites and related-technology to cybersecurity threats is increasing. These threats can compromise critical functions, disrupt services, and even jeopardise national security, economic stability, and public safety.
For more information, please contact Hayley Blyth.
