菜单
现代企业受到网络攻击是必然的,问题并不在于是否会受到攻击,而是何时被攻击。

You, Cyber Security
& Ince, in any case

随着企业通过集成数字化网络来提高效率,新的风险也随之产生。然而,网络入侵事件发生后的灾难性损失是不确定的。

“网络入侵”所导致的后果远不止数据丢失。对财产的有形损害、盗窃、业务中断、监管制裁,甚至第三方诉讼,这些都可能是攻击带来的潜在后果。公司还必须考虑对其声誉、股价和客户忠诚度的潜在损害。

保险不是网络风险管理的替代品;它是网络风险管理的一部分。大多数首席执行官认为其公司有充分的网络风险保障,而实际上只有10%的公司有这样的保障。

网络威胁不仅仅存在于企业之外。公司员工(以及相关承包商)所构成的风险是导致网络入侵率超过50%以上的因素之一。

在英士,我们与领先的网络安全专家合作,为您所有与网络相关的需求提供解决方案,具体可提供以下服务:

  • 《网络安全评估》,确认您网络中存在的所有漏洞、保险范围、操作程序和合同条款;
  • 定制的《网络风险管理计划》,降低您在运营、法律、声誉和监管方面的风险;
  • 制定《网络入侵应对计划》;
  • 协助您从网络入侵事件中恢复,包括就监管报告要求、资产追索和第三方索赔提供咨询;
  • 网络渗透测试;
  • 就对家和关键供应商展开尽职调查;以及
  • 员工培训和方案审查。

立即采取措施降低风险。让您竞争对手的资产成为网络犯罪分子期待收获的“容易实现的目标”。

新闻和见解— 网络安全

洞察力 / Cyber security – have you exercised due diligence to make your ship seaworthy?

25-11-2021 / 航运

The recent, and very important, UK Supreme Court decision in Alize 1954 & another v. Allianz Elementar Versicherung & others (CMA CGM Libra) [2021] UKSC 51 has provided a timely and salutory reminder to shipowners and operators of the importance of being able to demonstrate that their ship is seaworthy if they are successfully to defend claims brought against them by cargo interests and others.

Cyber security – have you exercised due diligence to make your ship seaworthy?

新闻 / Free Movement of Personal Data? Cross-Border Transfer vs Localisation – Part 2

12-04-2019 /

In the previous part of this 2-part article, we have discussed the rules in the EU and the UK governing the transfer of personal data. But what about transferring data from Asian countries? Is there a GDPR equivalent in Asia? In this second part of the article, we will discuss the relevant rules in Hong Kong, Mainland China, India and the APEC.

Free Movement of Personal Data? Cross-Border Transfer vs Localisation – Part 2

新闻 / Free Movement of Personal Data? Cross-Border Transfer vs Localisation – Part 1

10-04-2019 /

Given the uncertainty over Brexit, concerns about the movement of people and goods across the UK-EU border post-Brexit are bigger than ever. But what about personal data? Can personal data still be transferred between the UK and other EU countries post-Brexit? What are the relevant laws in the UK and the EU? How are other countries regulating the cross-border transfer of personal data? In this 2-part article, we will discuss the data transfer laws of the EU, the UK, Hong Kong, Mainland China, India and the APEC, and suggest that the trend in the future is for cross-border data transfer to be allowed as long as a prescribed level of data protection measures are in place.

Free Movement of Personal Data? Cross-Border Transfer vs Localisation – Part 1

洞察力 / Are fines and penalties relating to breach of data privacy regulations insurable? – Review from the UK and Hong Kong perspectives

26-02-2019 /

Breach of data privacy protection regulation, with the new European Union’s General Data Protection Regulation (“GDPR”) coming into effect, can result in draconian fines and penalties. In January 2019, Google was fined 50 million Euros for improper disclosure to users as to how data is collected across its services, including its search engine, Google Maps and YouTube, to present personalized advertisements. This penalty is by far the largest penalty to date since the implementation of the new GDPR. British Airways faces a possible fine of £500 million over the data breach of leaking the customer details, including bank card numbers, expiry dates and cvv codes in a cyber-attack. Despite conventional thinking of prohibiting insurances against the fines and penalties based on public policy argument, there is certainly demand for expansion of related data breach insurances. By comparing UK and other EU jurisdictions as well as Hong Kong, the trend for data breach related insurances are on the rise.

Are fines and penalties relating to breach of data privacy regulations insurable? – Review from the UK and Hong Kong perspectives

新闻 / The rise and rise of data

01-10-2018 /

Managing associate Justin Whelan, based in Dubai, authored an article covering the fact that data breaches and cybercrimes are becoming more commonplace both in the Middle East and globally and that the increasing need for protection against cyberattacks mean that cyber premiums will soon outpace those of all other insurance lines

The rise and rise of data

新闻 / GDPR: You’ve done the easy bit so now what?

25-05-2018 /

Now comes the hard part. Ensuring the internal workshops you’ve delivered have been listened to and people handling personal data within your organisation are embracing the data privacy culture is your next challenge.

GDPR: You’ve done the easy bit so now what?

新闻 / Enforcement of the GDPR

24-05-2018 /

NB: all references are to Articles of the GDPR unless indicated otherwise. The new EU General Data Protection Regulation (“GDPR”) which comes into force on Friday 25 May 2018 is the toughest data protection regime in the world. It is the EU’s response to mounting public concern at unauthorised use of data or, perhaps even worse, the commercial use of personal data without even the individual owner of the data being aware that this is happening. In addition to imposing demanding obligations on the collector and processor of personal data, the GDPR also introduces tough sanctions for breaches.

Enforcement of the GDPR

新闻 / Marketing and the soft opt-in

23-05-2018 /

Under the GDPR organisations must ensure they have a lawful processing reason when processing personal data and this includes sending marketing communications to individuals.Legitimate interests and consent will be the lawful data processing reasons used in most situations.

Marketing and the soft opt-in

新闻 / GDPR – Issues for Employers

22-05-2018 /

The GDPR will necessitate various changes for employers as regards their employee data collection and processing activities. In particular, employers should be aware of, and prepare for, the following revisions to the current data protection regime.

GDPR – Issues for Employers

新闻 / CCTV monitoring and the GDPR

21-05-2018 /

The use of CCTV will be covered by the GDPR from 25 May 2018 where the recordings contain information which identify an individual ie personal data Most uses of CCTV by organisations are currently covered by the Data Protection Act so compliance now should provide a head start for GDPR compliance

CCTV monitoring and the GDPR

新闻 / How GDPR will change your commercial contracts

18-05-2018 /

Both data controllers and data processors are subject to the GDPR and data processing arrangements will come under more scrutiny. Where a data controller contracts with a third party to carry out data processing, a due diligence exercise needs to be carried out to ascertain that the correct data security measures are in place and to ensure overall GDPR compliance in areas such as breach notification, accessibility and retention of data.

How GDPR will change your commercial contracts

新闻 / GDPR – Do you need to appoint a Lead Supervisory Authority?

17-05-2018 /

A Lead Supervisory Authority is the authority with the primary responsibility for dealing with a cross-border data processing activity, for example when there is a data breach or when a data subject makes a complaint about the processing of personal data.

GDPR – Do you need to appoint a Lead Supervisory Authority?

新闻 / Subject Access Requests – Do you need a process?

16-05-2018 /

A data subject has the right to obtain information as to whether personal data is being processed about him or her, access to that data and information about the purposes of processing, the categories of personal data being processed and to whom the personal data is being transferred.

Subject Access Requests – Do you need a process?

新闻 / GDPR – Do you need to appoint a Data Protection Officer (DPO)?

15-05-2018 /

With the imminent implementation of the GDPR, businesses need to assess whether they need to appoint a DPO.

GDPR – Do you need to appoint a Data Protection Officer (DPO)?

新闻 / Lawful processing reasons

14-05-2018 /

Processing personal data will only be permitted when it is lawful to do so and Article 6 of the GDPR allows processing on the following six grounds: 1. Consent 2. Necessary for performance of a contract 3. Necessary to comply with a legal obligation 4. Necessary to protect the vital interests of an individual 5. Necessary for performing public interest or official task 6. Necessary for the purposes of legitimate interests

Lawful processing reasons

新闻 / Features of a GDPR-compliant Privacy Policy

11-05-2018 /

Once of the key principles of the General Data Protection Regulation (GDPR) is that individuals must be provided with clear, understandable and accessible information about how and why their personal data will be used. The simplest way to achieve this is to put in place a Privacy Policy or, if you already have one, to ensure that it is updated appropriately before the GDPR enters into force on 25 May 2018.

Features of a GDPR-compliant Privacy Policy

新闻 / Overseas transfer of personal data

10-05-2018 /

Transfers of personal data overseas requires careful consideration of the adequacy of the data protection safeguards in the overseas territory and the international organisation data is being transferred to. For the purposes of the GDPR, a non-EU country is treated as a “third country” and transfers of personal data to third countries are permitted only if appropriate safeguards are in place or if an adequacy decision has been made by the EU Commission.

Overseas transfer of personal data

新闻 / GDPR – Where are we now?

09-05-2018 /

The recent Cambridge Analytica/Facebook revelations have put data privacy issues firmly in the spotlight. The timing could not be better for strengthening the case for the imminent data protection reform which is to be implemented by the General Data Protection Regulation (GDPR) and the UK’s Data Protection Act 2018, from 25 May 2018.

GDPR – Where are we now?

新闻 / Marine Cyber Risk Insurance

09-05-2018 / 保险, 网络安全

Ince Gordon Dadds Partner Simon Cooper has contributed the chapter lsquoMarine Cyber Risk amp Insurancersquo to the recent release lsquoMarine Liabilities in a Global and Regional Contextrsquo

Marine Cyber Risk  Insurance

新闻 / Extra-territorial reach of GDPR and non EU organisations

08-05-2018 /

Harmonisation of data protection requirements across the 28 EU Member States has created a gold standard data protection regime which will extend beyond the EU's physical borders For organisations outside the EU, it is essential that they consider whether they are within the scope of the GDPR and its enforcement powers

Extra-territorial reach of GDPR and non EU organisations

新闻 / Cyber security: An insurance perspective

01-03-2018 / 保险

Cyber incidents are becoming increasingly frequent and widespread and the losses caused are increasing. All industries and all manner of businesses are susceptible. It is prudent for companies and insurers to view such incidents not so much as ‘if’ they should occur, but rather ‘when’ they will occur. It has been estimated that the global cost of cyber-related crime will rise annually to USD3 trillion by 2021. Although cyber incidents are a worldwide issue, it is fair to say that the Middle East is experiencing higher levels of cyberattacks in relation to the global average.

Cyber security: An insurance perspective

新闻 / Cyber risks facing ship managers

14-02-2018 / 航运, 网络安全

Digitalisation of shipping and the associated cyber risk vulnerabilities are hotly debated and discussed topics in the shipping industry, both at state and corporate levels Whilst the focus appears to be largely on shipowners and the use of autonomous ships, there are also a number of pressing areas of concern that ought to be considered and addressed in the context of ship management

Cyber risks facing ship managers

新闻 / Blockchain - the answer to all your problems?

13-02-2018 / 航运

In 2017, the maritime industry was awash with predictions of the potential for blockchain technology to enhance communication, allow transparency across the supply chain and thereby streamline traditionally paper-based trade processes. Ultimately, blockchain would be expected to combat the current fragmentation across the industry by making processes more efficient.

Blockchain - the answer to all your problems?

新闻 / Ince to speak at the Maritime Cyber Resilience Forum during 2018 Asia Pacific Maritime conference

13-02-2018 /

Rory Macfarlane, Hong Kong-based partner of Ince Co and the Asia Chair of the firm's Regulatory Compliance group, has been invited to speak at the Maritime Cyber Resilience Forum in Singapore on 15 March organised by Digital Ship during this year's Asia Pacific Maritime, Asia's largest maritime and offshore conference that attracts 15,000 visitors every year

Ince to speak at the Maritime Cyber Resilience Forum during 2018 Asia Pacific Maritime conference

新闻 / Blockchain – panacea or red herring?

05-02-2018 /

In 2017 the logistics and transport industry was awash with predictions of the advances that a myriad of new technologies were going to bring. One of the major predicted advances was the use of blockchain technology to enhance communication and transparency across the supply chain, to effectively deal with the current fragmentation across the industry and to make traditionally paper-based trade processes more efficient. Here in Hong Kong, the government has recognised the potential of blockchain and the need for further research into its practical application1. In a whitepaper published in October 2017, the Hong Kong Monetary Authority identified a number of legal and compliance issues with distributed ledger technology. It also set out the results of proof of concept tests in trade finance, digital identity management and mortgage loan applications2, demonstrating the benefits and challenges of the practical applications of the technology in its current form.

Blockchain – panacea or red herring?

新闻 / Is the shipping industry prepared for GDPR

15-11-2017 / 航运, 网络安全

Shipping companies collect a great deal of personal data, including passenger information, crew and employee details, customer lists and details of business contacts The complex global nature of the industry and high level of personal data processed and exchanged, often across national borders, can leave information vulnerable to security breaches, intentional or otherwise Implementing effective data protection controls into daily operating procedures is a huge challenge However, when the EU General Data Protection Regulation and the UK's Data Protection Act 2018 come into force on 25 May 2018, businesses ignore themnbspat their peril, as non-compliance can result in large fines and reputational damage There are also commercial benefits to effective compliance companies that protect the privacy of their passengers, employees and business associates and conduct properly targeted marketing campaigns will be more likely to attract and retain business and staff We set out below some of the issues you need to consider and how you can action them and demonstrate compliance in view of the accountability principle

Is the shipping industry prepared for GDPR

新闻 / Regulatory and compliance checklist how do your internal policies fare

24-10-2017 / 航运, 网络安全

Whilst transportation and infrastructure companies are no strangers to regulatory compliance, in recent years, the scope and pace of regulations have increased significantly As a result, all companies should be looking to continually update and broaden their internal compliance policies

Regulatory and compliance checklist how do your internal policies fare

新闻 / Rory Macfarlane and John Boles discuss Cyber Security in an era of opportunity'

22-09-2017 / 网络安全

Partner, Rory Macfarlane, John Boles, Director of Global Legal Technology Solutions at Navigant and Richard Clayton, Lloyd's List's Chief Correspondent recently delivered a podcast on Cybersecurity, hosted by Informa and sponsored by Ince Co

Rory Macfarlane and John Boles discuss Cyber Security in an era of opportunity'

新闻 / Rory Macfarlane discusses the importance of preparation for a cyber-attack

06-09-2017 / 网络安全

Ince Co's Hong Kong-based partner, Rory Macfarlane, explores the necessity for businesses to prepare for cyber-attacks, in Asia-mena Counsel's recent publication on Cyber Security and Data Protection

Rory Macfarlane discusses the importance of preparation for a cyber-attack

新闻 / Cybersecurity. Wannacry; now Petya. What steps have you taken to protect your business?

28-06-2017 /

Yesterday’s Petya ransom-ware attack highlights again the serious effect that cyberattacks can have on all companies operating in an increasingly digitalised and interconnected marketplace. Although the full scope and scale of this attack will emerge with the fullness of time, events like this will only become more common if companies within the shipping and transport sectors remain unprepared.

Cybersecurity. Wannacry; now Petya. What steps have you taken to protect your business?

新闻 / Rory Macfarlane examines cyber risks for shipping

20-06-2017 / 航运, 网络安全

Ince Co's Hong Kong-based partner Rory Macfarlane, who also co-heads the firm's regulatory and compliance practice in Asia, discussed the potential impact of cyber-attacks on shipping companies in an article published by Splash 247

Rory Macfarlane examines cyber risks for shipping

新闻 / Cyber attack and the energy industry – what will you be holding when the music stops?

09-06-2017 / 能源及基础设施

The worldwide ransomware attacks of 12 May 2017 have made it clear that any business is vulnerable to a cyber attack The WannaCry virus was unleashed on everything from hospitals in England to car manufacturers in France and petrol stations in Chinanbsp Although its further dissemination has been stopped, it is confidently predicted that the attacks will return

Cyber attack and the energy industry – what will you be holding when the music stops?

新闻 / GDPR – What’s new?

17-05-2017 /

The EU’s General Data Protection Regulation (“GDPR”) is the single most significant piece of data privacy legislation passed by the European Parliament in the last two decades. It has a significantly broader scope than the existing legislation and introduces a tiered penalty system for non-compliance, with fines as high as 4% of annual global turnover or EUR 20m whichever is the higher.

GDPR – What’s new?

新闻 / Cyberattacks make companies and governments WannaCry

15-05-2017 /

Whilst the reaction from both mainstream and social media was one of shock at the extent of this weekend's global cyber-attack, for those working within cyber-security it came as little surprise

Cyberattacks make companies and governments WannaCry

新闻 / BRANCHED TO TRAINING Cyberattacks make companies and governments WannaCry

15-05-2017 / 网络安全, 航空和旅游, 能源及基础设施, 保险, 商品与贸易, 航运

Whilst the reaction from both mainstream and social media was one of shock at the extent of this weekend's global cyber-attack, for those working within cyber-security it came as little surprise

BRANCHED TO TRAINING Cyberattacks make companies and governments WannaCry

新闻 / Employee Shields against Cyber Attacks

04-05-2017 /

Protecting data from misuse requires continuous review of business practices as well as supporting technology tools

Employee Shields against Cyber Attacks

新闻 / The General Data Protection Regulation

03-05-2017 /

The General Data Protection Regulation (GDPR) comes into force on 25 May 2018 The GDPR will update and harmonise data protection procedures, address new technological developments and bolster enforcement across the EU

The General Data Protection Regulation

新闻 / Germany new standard conditions for cyber insurance

02-05-2017 / 网络安全

New standard conditions for cyber insurance released by the German Insurance Association are only partly eligible for the market

Germany new standard conditions for cyber insurance

新闻 / Understanding the implications of Cyber Insurance

27-03-2017 /

One of the most frequent questions received by CCW Global in relation to corporate risk management is what is Cyber Insurance, and why do we need it Organizations will understand why Employee's Compensation Coverage, Professional Indemnity Insurance, and Public Liability protection are needed for the business these covers are part of the routine risk management process and due diligence that businesses will implement in order to protect themselves against losses

Understanding the implications of Cyber Insurance

新闻 / UK: Cyber Security Regulation and Incentives Review

14-03-2017 /

On 21 December 2016, the UK Government published “the Cyber Security Regulation and Incentives Review”. The review was conducted as part of the Government’s £1.9bn 5 years’ plan, the National Cyber Security Strategy, to “mak[e] the UK the safest place in the world to live and do business online”. It follows an extensive consultation with a wide range of commercial and non-commercial stakeholders and presents the Government’s position on cyber risk regulation and management in the private sector (excluding those companies operating in sectors critical to the national economy and falling under the forthcoming European Directive on Security of Network and Information Systems).

UK: Cyber Security Regulation and Incentives Review

新闻 / Hong Kong: Nothing is certain but death, taxes and cyber attack

09-02-2017 /

Had Benjamin Franklin been writing to Jean-Baptiste Leroy in 2017 rather than 250 years ago, then he would have probably added ‘cyber-attack” to his list of life’s certainties. It is no longer a question of ‘if’ your business will be subjected to a cyber-attack; but a question of ‘when’.

Hong Kong: Nothing is certain but death, taxes and cyber attack

新闻 / EU Directive on Security of Network and Information Systems

23-01-2017 /

The Directive on Security of Network and Information Systems (the NIS Directive) was adopted by the European Parliament on 6 July 2016 and Member States have until 9 May 2018 to implement it in their national legislation

EU Directive on Security of Network and Information Systems

新闻 / PRA Considers cyber insurance underwriting risk

24-11-2016 /

The continued dependence on electronic and network-based systems, combined with the constant development and sophistication of the threats posed to those systems by criminals, political activists, terrorist groups and others, means that all businesses, regardless of their size or area of operation, are increasingly exposed to cyber risks.

PRA Considers cyber insurance underwriting risk

新闻 / Cyber risk - mind the gap!

05-08-2016 / 保险

Today, almost every organisation is reliant on technology – it dominates communication systems, transport, financial services and many other aspects of commerce – and as technology becomes ever more complex and sophisticated, so do the risks you face.

Cyber risk - mind the gap!

新闻 / Singapore: Cyber Security Bill

01-07-2016 /

From hacking into international money transfer systems to phishing email accounts, cyber criminals have been gaining in notoriety and causing lots of financial and security issues for businesses. The sophistication and speed at which these attacks are carried out often make it difficult to trace the tracks of the hackers and to recover the stolen assets. An additional difficulty is the lack of regulation of cyber space, which crosses all national boundaries. In an effort to contain the problem, countries have been introducing or revising existing cyber security laws. In this article, we review Singapore’s proposed new Cyber Security Bill and the impact it will have on businesses.

Singapore: Cyber Security Bill

新闻 / Containers: "heavies over lights" a thing of the past?

28-04-2016 / 航运

On 1 July 2016, the amendments to Chapter VI Regulation 2 of the Safety of Life at Sea Convention (“SOLAS”) will become effective. From that date, it will be: (i) mandatory for a shipper of a packed container to verify and provide the container’s verified gross mass (“VGM”); and (ii) a violation of SOLAS for a packed container to be loaded onto a vessel, if the ship operator and marine terminal do not have the container’s VGM.

Containers: "heavies over lights" a thing of the past?

订阅电子通讯

所有标有*的字段都是必填的

分享本页