Confidential data and cyber security

The subject of confidential data and its cyber security was the subject of a breakfast briefing to the Worshipful Company of International Bankers on Friday 22 September at our London offices.

Harvey Knight, who leads our financial services regulatory practice, put the subject in context by reference to the recent hack of confidential data on Equifax’s systems and the ongoing corporate and personal consequences for the individuals involved. Wrongly handled confidential data has the potential to destroy individuals’ careers as well as corporate value. The FCA’s Senior Managers and Certification Regime has emphasised the personal accountability of those senior managers with oversight.

Stephen Ross, who leads our global fraud practice, explained the personal consequences for any employee tempted to take any confidential data onto their next commercial venture by reference to the outcome of the landmark Marathon Asset Management High Court case. London’s High Court was asked to consider the value of that confidential data. In doing so, London’s High Court ruled that our clients should pay only nominal damages of £1 and awarded them their legal costs.

A guest speaker, Tom Fairfax, Managing Director of Security Risk Management and a leading cyber security expert, explained the first principles of cyber security: know your system’s architecture, know your people and know your external opponents. Any unauthorised access always leaves a trace if you know where and what to look for.

The consensus was that this was a people, not a technology issue.

To visit the Worshipful Company of International Bankers website, please click here.