SDC Opening New Building2017.09.13
A house of new opportunities will open its doors when, on 25 September 2017, the Sino-Danish...
Data Protection Law and Transferring Personal Data out of China2017.08.30
Complying with the fast changing data protection law in China has become increasingly important...
E-Commerce in China - A crash course that gives you the tools to get it right2017.08.15
There is no doubt that China’s online market is huge and it is continuously growing. China has...
Embrace the Trend of Chinese Investments in Europe2017.06.23
We are standing at the threshold of what has been called China’s century. Chinese companies are taking...
E-Commerce In China - Where to Start?2017.06.13
On June 13, Danish-Chinese Business Forum held a teaser Member Meeting for the upcoming...
How to Build a Security Programme for Your China Entity – Reducing Cyber Attacks and Fraud Risks in China
- Published on Thursday, 10 November 2016 14:03
On the 9th of November, Danish-Chinese Business Forum held a Member Meeting looking closer into how to build a security programme for your China entity and how to reduce cyber attacks and fraud risks in China. The event was kindly hosted by Bird & Bird at their Headquarters in Copenhagen.
Cybercrime is one of the fastest growing risk and one of the top 3 concerns in many companies. China is one of the most active countries in state-sponsored or state-controlled cyber attacks against countries and companies.
Partners from Bird & Bird in Shanghai elaborated on how to manage risks from cyber attacks to fraud and corruption and speak about the current environment in China in regard to typical scenarios where corruption risks appear, and best practice approaches to make operations safer. Sven Michael-Werner started out by explaining the differences between the Chinese and the European courts' view on matters ranging from online bribery to the difficulty of termination of labor contracts in cases where hacking has happened from with-in the organisation. Ying Wang, also Partner at Bird & Bird, followed up on the labour issue with a presentation on the evidence treshold in case of labor arbitration in China.
The second company to present was PwC. Jørgen Sørensen, Partner at PwC (Cyber & Information Security), has 30+ years of experience of working as a consultant within IT audit, IT governance, operational risk and cyber/information security; more recently, he has expanded his focus to also include data privacy. His presentation included a thorough guide to the possible organisations behind cyber attacks and what they target. Using cases, such as the hacking of the airport in Hanoi, Vietnam, he explained how companies must prepare more for these new types of attacks.
He had three main suggestions to companies that operate in China (where fines for hacking are considerably smaller than in Europe):
- Focus on WHO might pose threat to your company (Insiders, Hacktivists, Nation States)
- Consider WHAT are the threat actors above targeting in your business ecosystem (Trade secrets, Financial data, Sensitive Assets)
- Assess HOW threat actors might attempt to attack or gather information on your company (Cyber attacks, Open Source, Insiders)