Reading:
Cyber Law Round-Up: SOCRadar’s Curation for Recent Cyber Legislations Across the World in 2021

Cyber Law Round-Up: SOCRadar’s Curation for Recent Cyber Legislations Across the World in 2021

December 29, 2021

As security threats and ransomware incidents ramp up, governments rush to keep up with this pace by developing new legislative acts, laws, and regulations.

The internet has now become an integral part of everyone’s daily routine. It has taken over the world, from fundamental communications to banking. Enterprises have also chosen to carry on their operations via the internet. 

As a result, e-commerce has grown in popularity. Many government activities are now conducted online, and e-finance has exploded in popularity last year. As the internet has grown in popularity, so have the risks. 

Cyber Law functions as a barrier in cyberspace, preventing cybercrime from taking place. Officials have taken it upon themselves to draft and enact legislation to combat illegal online activity.

Intellectual property, contract, jurisdiction, data protection regulations, privacy, and freedom of expression are all covered by cyber law. It oversees the distribution of software, information, online security, and e-commerce via the internet. E-documents are given legal validity in the field of Cyber Law

It also establishes a framework for e-commerce and e-filling. To put it another way, Cyberlaw is a legal framework for dealing with cybercrime. Due to the increased digital commerce adoption, suitable regulatory processes must be in place to ensure that no malpractices occur.

New Cybersecurity Legislation for IoT Devices Introduced in the United Kingdom

Security concerns are on the rise when it comes to IoT. The UK government has proposed new laws into the UK Parliament on November 24, 2021, with the goal of better protecting consumers’ IoT devices from criminal hackers. 

Manufacturers, importers, and distributors of internet-connected gadgets, including phones, tablets, smart TVs, and fitness trackers, will be subject to stricter cybersecurity rules under the Product Security and Telecommunications Infrastructure (PSTI) Bill. The law will also apply to gadgets like smart light bulbs and smart thermostats that can link to many other devices but not directly to the internet. 

These measures include prohibiting the use of universal default passwords, requiring companies to be clear about the steps they are taking to address security weaknesses in their products, and improving the public reporting system for any vulnerabilities detected. Furthermore, these businesses will be required to investigate compliance failures, produce compliance statements, and keep relevant records.

Quote from UK Minister for Media, Data and Digital Infrastructure Julia Lopez 

China’s New Data-Privacy Law Prioritizes National Security Protection

The Data Security Law (DSL) was passed in June. The new regulation aims to safeguard data related to China’s national security. The bill would sit alongside the country’s amended Personal Information Protection Law (PIPL) and the country’s existing Cyber Security Law, which was passed in 2017. 

The Chinese government is taking a multi-year approach to bolster data protection and national security, as seen by the seeming proliferation of data protection legislation. The new Data Security Law will apply to enterprises outside of China that cooperate with Chinese companies or handle data on Chinese residents, extending its reach beyond China’s borders.

Cybersecurity Laws and Regulations in Germany

The German IT Security Act, 2.0 (IT-Sicherheitsgesetz 2.0) of May 28, 2021, which amended or supplemented several laws, now provides a fine of up to EUR 20 million for non-compliance, similar to the GDPR (General Data Protection Regulation in the EU). Several laws govern cybersecurity in Germany. The GDPR, the Federal Data Protection Act, and the Federal Office for Information Security Act are the three most essential pieces of cybersecurity legislation.

To avoid or limit the consequences of cyber-attacks, organizations are often allowed to monitor or intercept electronic communications on their networks. With this new legislation, they must abide by applicable data protection rules when to monitoring their workers’ electronic conversations, which may result in certain limits.

Discover SOCRadar® Free Edition

With SOCRadar® Free Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets. Try for free