Saturday, October 16 2021

The European Council extended a framework that penalizes cyber-attacks against EU or member countries for another year. The framework, part of the EU cyber diplomacy toolbox, aims to strengthen Europe’s resilience against cyber threats.

The measures include travel restrictions and freezing assets of individuals or entities responsible for facilitation of cyberattacks. The sanctions currently apply to Russian, Chinese, and North Korean individuals and entities, although the framework is important for all organizations because parties beyond the cyber attackers can be penalized.

In a recent blog post, Steptoe & Johnson LLP warned companies facing ransomware payment requests to consider the framework. Despite attribution challenges, “payment to listed persons amount to a violation of sanctions regime.” Financial institutions and insurance companies are similarly affected by facilitating payments or providing cyber coverage that includes ransom payments.

Indeed, in the start of what could be a trend, global insurer AXA said earlier this month that it would no longer issue cyber-insurance policies in France that reimburse customers for ransomware payments to criminal groups.

The EU framework is part of a regulatory trend towards increased scrutiny of ransomware payments. The Biden administration’s Executive Order “sets the stage for an uptick in similar actions” in the US, said Alex Sharpe, principal at Sharpe Management Consulting.

While certainly “a step in the right direction,” the Executive Order does not go far enough, according to XPAN Law Partners managing partner Rebecca L. Rakoski. US domestic organizations face a “patchwork of guidelines and standards without clear guidance” from the Federal Government, she stated.

Considering the current lack of clear, substantial legislative and regulatory frameworks, legal ambiguities, and competing interests, the world finds itself at a crossroads. Until fundamental changes are made to legislative and regulatory frameworks, we remain at an “uncomfortable time,” said Sharpe.

Previous

US Infrastructure Plan Includes Billions for Cybersecurity Improvements

Next

Third-Party Cloud Service Misuse Exposes Over 100M Users’ Data

Check Also

Widget

Don’t Miss

Cyber Deal Update: Wiz, EVA Group, Bitglass, & appgate,

Van Michael

Massive expansion continues through acquisition and large-scale capital influx.  Wix raises additional $250 million four months after raising $120 million.  The EVA Group eye’s its seat as a top 3 in France.  Appgate sees $1 billion valuation while going public through NLW’s acquisition. Funding Israeli cybersecurity startup Wiz raises $250 million in latest round of funding at $6 billion valuation.  This […]

CYBER EXECUTIVE MOVES: TransUnion, Kovrr, JLL

Khushi Arora

TransUnion, Kovrr, and JLL nab new chief information security officers. TransUnion, a consumer credit reporting agency based in Chicago, has named Bill Shields as its chief information security officer. Shields joins the company from Visa. Kovrr, an Israel-based cyber risk modelling platform provider, nabbed Philippe Vuilleumier as a member of the company’s chief information security […]

Cyber Deal Update: Orca Security, Carnami, Excygent

Van Michael

Two Homomorphic Encryption outfits fight for superiority through competing rounds of funding. Orca Security closes $550 million in Series C.  Coalition purchases Attune for undisclosed sum.  One Identity acquires OneLogin. Funding Cloud security provider Orca Security closes latest Series C at $550 million.  This round led by Singapore based Temasek provides an updated valuation at $1.8 billion.  This move deepens […]

Cyber Executive Moves: SAIC, Corvus Insurance, Cloudentity

Khushi Arora

SAIC appoints a new CISO, Corvus Insurance gains a new president, and Cloudentity nabs a new chief executive officer with a cybersecurity background. Science Applications International Corporation (SAIC), headquartered in Virginia, has appointed Kevin Brown as its chief information security officer. Brown joins SAIC from medical device company Boston Scientific. Accenture has appointed Jackie Fendrock […]

Cyber Deal Update: Coalition, Akamai, Fireeye & McAfee

Van Michael

Massive growth through expansion and acquisition. SenseOn sees +350% growth. HUB Security buys market access to 40 countries.  Tesserent secures an influx of $25 million to fund yesterday’s acquisitions.  Symphony Technology Group announces plans to buy FireEye’s product business at $1.2 billion with intent to merge McAfee’s enterprise business. Funding In the industry’s mad rush for cybersecurity […]

Cyber DeaL Update: Sternum, Panorays, Ketch

Van Michael

Paris-based Exclusive Networks IPO filing. Latest funding fuels Panoryas’s expansion in the US. LG’s latest buyout drives inroads towards connected car security, while Jungle Disk acquires new product divisions to immediately realize +100% growth. F5’s acquisition of Threat Stack buys real-time threat detection. Funding Exclusive Networks, a Paris-based cybersecurity and cloud solutions provider, filed its […]