February 2017 – How can companies and financial institutions best protect their interests and personal data in the face of an increasing number of cyber crime attacks in the Czech Republic was the topic of an expert panel discussion held at Kinstellar’s Prague office.
The event brought together representatives of companies and compliance experts from leading companies active in the Czech Republic and across the region. Most interesting to the attendees were key studies of recent cases of CEO fraud – where typically scammers posing as CEOs manipulate a company employer to transfer funds to the scammer’s bank account. These kinds of cases have increased significantly in the last few years, and the Czech Republic seems to be particularly exposed to such attacks.
Participants at the discussion learned about the most typical techniques used by cyber criminals. In addition to discussions on protection, they also learned how to mitigate the criminal liability of companies and their board members, who are responsible for maintaining sufficient data protection and privacy protection measures. Merely delegating the task of setting up an effective compliance system to compliance or IT departments will not release them from that responsibility. Close board supervision is necessary.
Most cyber crime attacks are either directly caused by employees or the result of insufficient employee training, so the importance of tailor made trainings was also addressed. Cyber attacks often result in personal information being threatened or violated; thus, it is important not to underestimate this issue. The obligation to ensure the security of data stems not only from local legislation (such as the Act on the Protection of Personal Data, Act on Cyber Security, etc.). The EU’s new General Data Protection Regulation (GDPR) will put additional burdens on companies in respect of protection measures. The GDPR will bring significant penalties for breaching its provisions (i.e. up to EUR 20 mil. or up to 4 per cent of annual worldwide turnover). This will certainly motivate companies to invest more in data protection. Most large companies or financial institutions are already preparing for the new regulation, but lot of work still needs to be done.
The panel members included, from Kinstellar, Jitka Logesová, Head of Compliance, Risk and Sensitive Investigations; Stanislav Mečl, Head of the White Collar Defence Practice and a former public prosecutor at the Czech Supreme Public Prosecutor’s Office; Jan Pfeffer, Senior Associate; others from the business community included Tomáš Hládek, Senior Executive Manager, Czech Banking Association; Martin Klubal, Senior IT Security Consultant, AEC; Josef Šedivý, Head of Non-financial Risk Management, Československá obchodní banka; Aleš Špidla, President, Czech Institute of ICT Security Managers; and Filip Volavka, Head of Forensic Technologies, Surveilligence.
For more information about the content of the event please contact Jitka Logesová, head of Kinstellar’s Compliance, Risk and Sensitive Investigation practice, at .