Cybercrime—issues threats and vulnerabilities
Cybercrime—issues threats and vulnerabilities

The following Practice Compliance guidance note provides comprehensive and up to date legal information covering:

  • Cybercrime—issues threats and vulnerabilities
  • What is cybercrime?
  • Potential consequences of cybercrime
  • Cybersecurity threats
  • Vulnerabilities

Cybercrime is a challenge for internal compliance teams requiring a wider response than, 'it's a job for the IT department'. Cyber risk, like any other risk to your business, needs to be managed properly and considered a high priority risk for the internal compliance or legal team. It is a business risk that must be managed within an overall information and risk-management and crime prevention framework.

This Practice Note outlines:

  1. the issues surrounding cybercrime (ie why it needs to be on your radar)

  2. the threats posed to commercial organisations by cybercrime, and

  3. key vulnerabilities

This Practice Note reflects information security and breach notification requirements in the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679 but is not intended to cover specialist sector-specfic requirements in the:

  1. the Network and Information Systems Regulations 2018 (NIS Regulations), SI 2018/506 which implement the provisions of the Network and Information Systems Directive(NIS Directive), Directive 2016/1148/EU, in the UK

  2. the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426 (as amended) or any replacement ePrivacy regulatory regime, and

  3. the Financial Services and Markets Act 2000 (FSMA 2000) and the Financial Conduct Authority (FCA) Handbook

What is cybercrime?

Cybercrime is simply a crime that has some kind of computer or cyber aspect to it. It takes shape in a variety of different forms. These can be