Gareth Hughes – Debevoise Data Blog

Cybersecurity

Are You Ready for the 1st Hong Kong Cybersecurity Law?

By: Gareth Hughes, Emily Lam and Allegra De Lorenzo April 15, 2025

OVERVIEW OF THE NEW LEGISLATION Definitions The new legislation, described as the first Hong Kong cybersecurity law, regulates designated “Operator of Critical Infrastructure” (the “CIO”) and its “Critical Computer Systems”…

Artificial Intelligence

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

By: Charu A. Chandrasekhar, Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Jim Pastore, Caroline Novogrod Swett, Marshal Bozzo, Matt Kelly, Robert Maddox, Johanna Skrzypczyk, HJ Brehmer, Stephanie Cipolla, Jackie Dorward, Melyssa Eigen, Joshua A. Goland, Martha Hirst, Karen Joo, Gabriel Kohan, Jarrett Lewis, Noah L. Schwartz, Ned Terrace, Stephanie Thomas, Annabella M. Waszkiewicz, Michiko Wongso and Mengyi Xu December 10, 2024

As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…

Artificial Intelligence

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

By: Luke Dembosky, Avi Gesser, Gareth Hughes, Erez Liebermann, Matt Kelly, Emily Lam and Suchita Mandavilli Brundage November 21, 2024

In Part 1 of this series, we discussed the recent Circular and accompanying Appendix issued by Hong Kong’s Security and Futures Commission (the “SFC”) on cybersecurity risks and mitigations related…

Artificial Intelligence

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

By: Avi Gesser, Erez Liebermann, Luke Dembosky, Gareth Hughes, Matt Kelly, Emily Lam and Suchita Mandavilli Brundage November 18, 2024

On November 12, 2024, Hong Kong’s Security and Futures Commission (the “SFC”) issued a Circular (the “Circular”) with an accompanying appendix (the “Appendix”) setting out the SFC’s view of the…