GDPR will cost unprepared companies big money
The EU GDPR guidelines stipulate that companies must “install appropriate technical and organisational safeguards that ensure the security of the personal data, including protection against unauthorised or unlawful processing.”
The GDPR regime is designed to protect the data privacy of EU citizens, but because the regulations seek to penalise any company that allows that data to be compromised, the reach of the GDPR is actually global.
The penalties for data compromise specified in GDPR are substantial. The authority has the power to levy fines up to €20 million or 4% of a company’s total annual revenue, whichever they deem to be higher.
“Data breaches are a serious problem for all companies and they often don’t think through just how valuable the data they have is and how easy it could be for cybercriminals to hack it. If cybersecurity isn’t your speciality, people mostly have no idea how serious the consequences of lax data security can be. GDPR has started to get people to think a little more. Companies that neglect to address cybersecurity post GDPR are gambling with some pretty high stakes because the penalties under GDPR are severe. They have the potential to literally put a company out of business.” — Hugh Chambers, Cyber Security Advisor, Uncloak.
GDPR compliance and preparation
GDPR is another potent incentive for companies to protect their data systems better. Many CEOs already recognise the damage that cybercrime and hacking can inflict, but the introduction of GDPR has helped to put cybersecurity at the top of the risk management agenda.
Data breaches caused by cyber-attack are a very serious problem.
A recent report published by APWG found that phishing attacks, the most common cause of damaging data breaches, have gone up 46% since 2017.
FBI cybercrime data shows that data breach attacks have increased by 2,370% since 2015 and the global cost is now in the billions of dollars.
To minimise their exposure to damaging breaches and avoid sanctions from the GDPR authorities, companies should start by ensuring they have proactive cybersecurity policies in place.
Passive virus detection software and basic firewalls aren’t adequate defences any more.
“The traditional view of an IT team running governance, policy and risk for a company, coupled with a penetration test once a year should be long gone. Threats emerge daily and even with good patch management and development practices, companies can get caught out.
“Having a commercial partner with a constant digital eye on your systems will be the future. An outside specialist monitoring security threats facing a specific company in real time.” — Phil Jackson, CTO, Uncloak.
Get serious about cybersecurity
GDPR demands the highest standards of data protection, so no company can afford to ignore the threat of cyber-attack.
Uncloak is a premium solution to zero-hour threats and a watershed for security management. Uncloak brings certified cybersecurity researchers and white-hat hackers together on a blockchain-based threat hunter platform to give companies up-to-the-minute protection.
Experience a demo of Uncloak right now on our website.