Lawyer Monthly Magazine April 2018 Edition

APR 2018 36 Thought Leader www. lawyer-monthly .com detect that they have been breached; thus, allowing an unknown unauthorised attacker to access sensitive company secrets, without the knowledge of the business. We have seen this result in valuable intellectual property and research being stolen, or competitors getting inside information about deals or strategy. Do you believe the GDPR Act addresses all cybersecurity issues? If not, what else do you think should be addressed? The European Union General Data Protection Regulation focuses on protecting European citizens and, more specifically, their personal identifiable information. Many of the principles GDPR introduces (such as Privacy by Design, which ensures that security is CYBERSECURITY Andre D.F. Pienaar, Managing Partner and Founder, C5 Capital asset. This is of course true. They have access to the most sensitive information and we rely on some of them to maintain the security and functionality of our systems. From file hijacking, keylogging and taking screenshots, which poses the most complexity when trying to overcome the damages? Ransomware regularly makes headlines when it cripples a business by denying them access to their own information and systems. But the most complex and dangerous attack to overcome is a sophisticated targeted cyber-attack aimed specifically at your company. Defending against such targeted attacks is a challenge most businesses cannot muster and even more cannot even What would you say is the first course of action any company should take when under a cyber-attack? Don’t panic. Understand what is at risk, consult the incident/ crisis response plans that every company should have on file (and should be tested regularly) and determine what the appropriate action is. Engage experts for specialist incident response and forensic skills, or when an independent investigation is required. What is the most complex form of a cyberattack and how would you say a company should work around it? A regular complex form of cyber-attack is the insider threat. It is often said that employees are a company’s most valuable A family capital-backed in- vestment firm, C5 Capital build long-term relationships with committed investors, in- novative founder teams and global companies keen to maintain their edge. Oper- ating out of London, Luxem- bourg, Cape Town, Washing- ton D.C. and Manama, they identify, nurture and support partners, whether they’re just starting out, or embark- ing on the next phase of their growth. Given their specialist indus- try knowledge and execu- tion capability throughout EMEA, they are able to offer a powerful combination of ex- pertise, funding and growth opportunities, all the while ensuring that we are contrib- uting to the public good. FIRM PROFILE ATTACK ON HACKERS: DOES GDPR ADDRESS EVERYTHING? Cybercrime is agrowingconcern. Hackers andcriminals have taken opportunity to use technological advances to gather sensitive information on you, me and anybody. And over time we have seen big companies fall victim to such attacks; Uber, T-Mobile, Equifax and even Pizza Hut, have been victims of vicious cyberattacks, causing an uproar and individuals feeling greatly at risk, because let’s face it, we never really know who has our data and information. With GDPR coming into effect in May 2018, we are long anticipating whether the new regulations will help tackle cybercrime, or at least the after effects of such an event. This month we speak with Andre Pienaar , who is the founder of C5 Capital and a lawyer, as well as an expert on cyber law and cybercrime. He explains how when a prominent company such as Uber have been breached, the legal counsel will be at hand to deal with such an issue. Nonetheless, bounty programmes are fraught with compliance and fraud risks. Therefore, Andre speaks on the first course of action any company should take when faced with a cyber risk and if GDPR addresses all issues cybersecurity presents. Web:

RkJQdWJsaXNoZXIy Mjk3Mzkz