sb-as logo
Story image

Legal tech profession has its head in the sand over China’s new cybersecurity law, survey finds

01 Mar 2017

China’s new cybersecurity law may have passed three months ago, but 75% of legal technology professionals aren’t even familiar with it.

Those statistics come from a survey conducted by global legal consulting firm Consilio, which surveyed 118 legal tech professionals at a conference in New York last month.

The new law, which be enforced from June 2017, will require all organisations doing business in China to localise their data in the country. This includes data that may contain sensitive information or state secrets.

The survey found that only 14% of respondents are ‘very concerned’ about the new law.

Those organisations that don’t comply will be liable for financial penalties, including a ban from conducting business in Mainland China, or even criminal penalties, imprisonment and the death penalty for extreme cases. 

57% of respondents said that in the last two years, they had at least one legal matter such as government or internal investigations, litigation or M&A which had ‘touched’ China in some way. 

27% said they knew of at least legal matters involving China and their own organisations in the last two years. 8% had between five and nine matters; 22% had between one and four matters; and 25% said they had none.

“China is now the world’s second largest economy, and for global corporations and those that aspire to be global, it is critical for them to have a full understanding of the data requirements and regulatory landscape of that region,” says Dan Whitaker, Consilio China’s managing director.

“Since 2012, cyber walls have been going up in multiple regions around the world, and as countries continue to create new regulations, organizations must continually educate themselves on the quickly evolving nuances of data privacy laws in every jurisdiction, specifically as it relates to the ability to move data in and out of the countries in question,” he explains.

24% of respondents said they were ‘somewhat familiar’ with the new law, while only 2% said they were ‘very familiar’ with it.

Despite the unfamiliarity with specifics, 52% respondents said they have at between 1-25 legal resources and/or people dedicated to international data privacy regulations and compliance. 14% have no individuals assigned.

Story image
SMBs in Southeast Asia hit hard by cyber criminals
Kaspersky has recognised a worrying trend of cyber criminals targeting small and medium businesses (SMBs) in Southeast Asia (SEA), and has released a new offering in response. More
Story image
Ransomware the most common cyber threat to SMBs - report
The survey found that 60% of managed service providers report that their SMB clients have been hit as of Q3 2020. More
Story image
Trend Micro integrates with AWS Gateway Load Balancer for improved security function
Cloud security firm Trend Micro has announced its hybrid cloud security integration with the newly launched AWS Gateway Load Balancer.More
Story image
DevSecOps increasingly important, but APAC organisations lagging behind
The rise of DevSecOps comes at a time when IT leaders are faced with an increasingly active cyber threat landscape, coupled with higher consumer expectations of digital offerings and application usage due to a sharp increase in online activities.More
Story image
ThreatQuotient & Infoblox integrate threat intelligence capabilities
“Together, our integration eases the consumption of threat intelligence from various internal and external sources to ensure that intelligence is accurate, relevant and timely to an organisation’s business.”More
Story image
Kaspersky identifies new banking malware targeting mobile users
"We recommend that financial institutions watch these threats closely, while improving their authentication processes, boosting anti-fraud technology and threat intelligence data, and trying to understand and mitigate all risks of this new mobile RAT family.”More