From May 2018, the General Data Protection Regulation (GDPR) will transform how businesses distribute digital data. All organizations that handle European Union data will need to adhere to strict industry standards. Those that don’t and sustain a cyber breach could be liable to a 20,000,000 euro fine or up to 4% of their annual global profit.
GDPR compliance is not there to catch businesses out. The idea is to facilitate the use of data and protect against the growing threat of cybercrime. New guidelines and strategies aim to ensure the safe management of how we store, share and delete data on a global scale.
Cyber Criminals are Industrious and Businesslike
Hackers recently attempted to crack the email accounts of MPs and their staff. The security team at the Houses of Parliament became aware of unauthorized attempts and blocked all access. Constituents’ data and other contacts in the MPs’ accounts could have fallen into criminal hands.
Under the new GDPR regulations, regardless of Brexit, even a government handling EU citizens’ data could be liable to a fine. Cyber-attacks are becoming increasingly organized and methodical, and harder to trace. The Houses of Parliament attack involved continuous re-targeting of weak passwords. The alert was raised when multiple accounts were simultaneously active with failed password attempts.
Investment Needed in Cyber Security
Do businesses have the 24-hour resources at hand to respond to a parliament-style email attack? Speaking at this year’s Glastonbury festival, an unlikely advocate for the cyber tech industry, the Labour leader, Jeremy Corbyn, said: “We need to be investing in cyber-protection. We all rely on computers, we all rely on emails, we all rely on digital records. You wouldn’t leave your building without important documents under lock and key. A computer is just the same.”
A Safer World for Our Data
One of the key objectives of the GDPR is to give the public and businesses reassurance that within the digital world their data is safe. For the first time, European member states have clear guidelines on handling all digital records. This also applies to any organization that shares or accesses EU data. One of the predicted outcomes of the new regulation is a boost to the cyber security industry worth billions in new revenue.
GDPR Impacts of Cyber Security Breaches
If an organization fails to follow the new regulation and becomes known for a global breach, there is a chance that the public and businesses will lose confidence. Reputational damage can translate into a loss of new and existing business.
Intellectual Property Theft
During the Cold War, Russia’s nuclear programme was powered by technical leaks from the West. In today’s world, a breach in security could expose your global plans and give competitors the edge.
Aside from the direct cost of financial theft, fraud and legal fees, the additional cost of a data breach could be up to 20 million euros.
Human Resources on the Frontline of Cyber Defence
The cyber threat is growing, and GDPR is both a challenge and an opportunity for companies that can adapt to be safe. Employees are on the frontline of defense. One of the findings from the attempted breach at the Houses of Parliament was that very easy-to-hack passwords were being used by both MPs and staff.
GDPR requires organizations to invest in new architecture, have an incident response plan in place and ensure they have a security team equipped to deal with the 24-hour threat. However, bad staff habits could still leave a company liable to a fine. Human Resource managers also play a pivotal role in the basic education of staff on keeping data safe.
What happens when an employee leaves their laptop at the airport? If their passwords are difficult and no sensitive data is stored on the hard drive, then a phone call to the IT team will cause less panic. Making cyber security the responsibility of all staff can start in the onboarding process and be developed through workshops, with reminders that the rules of data protection are contractual.