News and thought leadership
Subscribe to our latest updates, reports and upcoming events. Subscribe >
De A
Subscribe to our latest updates, reports and events.
SubscribeShowing 1 - 10 of 197
Ordenado por
-
Article 09/01/2023
Getting physical: Ohio Supreme Court holds that software cannot be physically damaged and endorsement covering software must be triggered by physical loss or damage to covered property
On December 27, 2022, the Supreme Court of Ohio unanimously ruled that a businessowners property insurance policy issued by Owners Insurance Co. (Owners) to EMOI Services, LLC (EMOI) did not afford coverage for losses sustained in a ransomware attack because computer software is “entirely intangible” and “cannot experience ‘direct physical loss or physical damage’.
-
Article 08/12/2022
Minnesota Federal Court rules Cyber Business Interruption clause covers funds lost in fraudulent wire transfer incident
As previously reported, on November 3, 2022, the federal district court for Minnesota, applying Minnesota substantive law, ruled that an insured was entitled to coverage under a Cyber Business Interruption clause for money lost in a fraudulent wire transfer incident.
-
Article 01/11/2022
US Privacy & Breach Litigation Monitor
We are pleased to share the first edition of Kennedys Privacy & Breach Litigation Monitor. This bi-weekly mailing was created with our clients in mind - to bring you up to speed on the latest topics and trends in data privacy and breach litigation.
-
Article 27/10/2022
The ICO issues a firm warning to businesses as it fines UK construction firm, Interserve Group Limited, £4.4 million
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), recently published details of its most recent monetary penalty notice. This latest notice imposes a penalty of £4.4 million on construction and outsourcing firm, Interserve Group Limited arising from a cyber-attack in 2020. Here, we look at what businesses can learn from the notice and what it reveals about the ICO’s enforcement strategy.
-
Article 06/10/2022
MFA and data breaches… is Multi-Factor Authentication as safe as you think?
The global cyber team at Kennedys has seen a growing trend in data breaches arising from the bypassing of MFA by cybercriminals. In this article, we share what we have seen so far, detail the potential repercussions, and provide recommendations on how best to avoid falling victim to this latest trend.
-
Article 31/08/2022
Online Safety Bill: a balance to be struck
On 17 March 2022, the UK Government delivered to parliament a 'world-leading' Online Safety Bill aimed to make the UK the safest place to go online while defending free expression. Here, and in light of Ofcom’s Call for Evidence about its plans for implementation of online safety regulation, we focus on the scope of the Bill’s provisions and the likely impact on organisations.
-
Article 18/08/2022
Good governance: the role of non-executive directors in addressing cyber security risks in a healthcare organisation
Digital technology and data remain an increasingly significant and ever-evolving part of the delivery of modern health and care services. To address the risks posed to cyber security, there are a number of important considerations for healthcare organisations.
-
Article 17/08/2022
New Lloyd’s Market Bulletin addresses state backed cyber attacks
In its latest move to ensure that syndicates are appropriately addressing cyber exposures, Lloyd’s issued on August 16, 2022 Market Bulletin Y5381 -- “State backed cyber-attack exclusion” -- to require “legally reviewed” and “sufficiently robust” wordings in cyber policies to address both war and non-war state backed cyber-attacks. Lloyd’s noted that “exposure to cyber-attack losses has been an area of market focus in circumstances where the losses arise from attacks sponsored by sovereign states” and announced a requirement, effective March 31, 2023, for syndicates to include a state backed cyber-attack exclusion in stand-alone cyber policies at inception or upon renewal.
-
Article 02/08/2022
Guidelines on key compliance requirements for the Personal Data Protection Act in Thailand
After several years of delays the Personal Data Protection Act B.E. 2562 (2019) ("PDPA") came into force in Thailand on 1 June 2022. Since then, on 20 June 2022, subordinate legislation (the "Notifications") under the PDPA was issued by the Personal Data Protection Committee ("PDPC") and published in the Royal Thai Government Gazette.
These Notifications are intended to set out the various criteria and rules, as well as much needed guidance and clarification, of some key requirements under the PDPA.
-
Article 27/07/2022
Notice and process of service via NFTs: A new frontier in tech and litigation?
In a recent precedential decision involving electronic service to an unknown defendant, the High Court of England and Wales approved a special request to issue an interim injunction and permit service of a lawsuit via a non-fungible token (“NFT”). The case follows a similar decision in New York trial court. Both decisions raise issues as to how prevalent will NFT service become in the US and UK.