New offerings in Government & Public Affairs – Establishing Local Contacts in China2018.05.30
Opening doors to and facilitating dialogue with relevant authorities and associations in China....
Office Space through Maersk Broker and Profundo/Legan2018.06.08
If your company is looking to expand Your physical presence to China, then Danish-Chinese...
Call for Interest! Market Research in China2018.05.30
During DCBF’s visit to China, we had the opportunity to negotiate a preliminary agreement with...
In Memory of Nils Foss2018.05.17
Condolences from Zhen Jianguo2018.05.30
The following is a letter sent from former Ambassador of China to Denmark, Zhen Jianguo, in...
How to Build a Security Programme for Your China Entity – Reducing Cyber Attacks and Fraud Risks in China
- Published on Thursday, 10 November 2016 14:03
On the 9th of November, Danish-Chinese Business Forum held a Member Meeting looking closer into how to build a security programme for your China entity and how to reduce cyber attacks and fraud risks in China. The event was kindly hosted by Bird & Bird at their Headquarters in Copenhagen.
Cybercrime is one of the fastest growing risk and one of the top 3 concerns in many companies. China is one of the most active countries in state-sponsored or state-controlled cyber attacks against countries and companies.
Partners from Bird & Bird in Shanghai elaborated on how to manage risks from cyber attacks to fraud and corruption and speak about the current environment in China in regard to typical scenarios where corruption risks appear, and best practice approaches to make operations safer. Sven Michael-Werner started out by explaining the differences between the Chinese and the European courts' view on matters ranging from online bribery to the difficulty of termination of labor contracts in cases where hacking has happened from with-in the organisation. Ying Wang, also Partner at Bird & Bird, followed up on the labour issue with a presentation on the evidence treshold in case of labor arbitration in China.
The second company to present was PwC. Jørgen Sørensen, Partner at PwC (Cyber & Information Security), has 30+ years of experience of working as a consultant within IT audit, IT governance, operational risk and cyber/information security; more recently, he has expanded his focus to also include data privacy. His presentation included a thorough guide to the possible organisations behind cyber attacks and what they target. Using cases, such as the hacking of the airport in Hanoi, Vietnam, he explained how companies must prepare more for these new types of attacks.
He had three main suggestions to companies that operate in China (where fines for hacking are considerably smaller than in Europe):
- Focus on WHO might pose threat to your company (Insiders, Hacktivists, Nation States)
- Consider WHAT are the threat actors above targeting in your business ecosystem (Trade secrets, Financial data, Sensitive Assets)
- Assess HOW threat actors might attempt to attack or gather information on your company (Cyber attacks, Open Source, Insiders)