GDPR

GDPR one year on: measured enforcement is just the beginning

It’s official – the GDPR is one year old. In its first 12 months, the European Commission has demonstrated strong yet measured implementation, with fines totalling over €56 million hitting 91 companies, including €50 million against a single organisation. A significant amount, yet a fraction of the full 4% of companies’ total global revenue they…


It’s official – the GDPR is one year old. In its first 12 months, the European Commission has demonstrated strong yet measured implementation, with fines totalling over €56 million hitting 91 companies, including €50 million against a single organisation. A significant amount, yet a fraction of the full 4% of companies’ total global revenue they could have levied – a difference of billions. 

As enforcement begins, the commission seems to be leaning towards a constructive approach – with some members stating publicly they do not wish to put companies out of business, or leverage a fine so large a company would be incapable of fixing the problem. The goal seems to be to incentivise companies to fix the problem, while letting them know that if they do not, the fine could get worse. As time goes on, this approach will likely change. 

GDPR

  • What’s been done for data privacy since GDPR?
  • Majority of companies still aren’t GDPR-compliant
  • First fine under GDPR

    Today, the commission seems to be  rewarding good behaviour as much as it is punishing bad behaviour. A perfect example of this is the first company to be fined under the GDPR, a German social media platform called Knuddels. On first glance, the offense

    Read More

    Be the first to write a comment.

    Leave a Reply

    GDPR

    Security is now a board level issue: how to secure the data supply chain

    It has never been more crucial for businesses to implement and demonstrate their commitment to cybersecurity; with data increasingly being used to make significant business decisions. While historically, the major concerns for senior management around IT security have focused on intellectual property theft and reputational risk, ongoing changes in technology and politics have changed today’s business…


    It has never been more crucial for businesses to implement and demonstrate their commitment to cybersecurity; with data increasingly being used to make significant business decisions. 

    While historically, the major concerns for senior management around IT security have focused on intellectual property theft and reputational risk, ongoing changes in technology and politics have changed today’s business landscape and priorities significantly. With GDPR now in full force, organisations must demonstrate to stakeholders that they are making a credible effort to ensure that security is built into the heart of business operations. 

    IT security budgets are falling

  • Half of organizations lack the security talent needed to remain secure
  • Empowering CISOs to strengthen password security
  • Vulnerabilities in the data supply chain

    Organisations must first understand what potential vulnerabilities look like within a data supply chain, so they can be recognised and mitigated. As cyberattacks increase in sophistication, they are likely to be so subtle that they don’t visibly impact a system; providing misleading information to force erroneous decisions. Ironically, whilst this type of attack will be very difficult to detect, early identification is vital in order to prevent significant damage.

    The first

    Read More

    Continue Reading
    GDPR

    Trend Micro: Prepare for the age of IIoT security

    With the world becoming more connected thanks to the rollout of the Internet of Things (IoT), the need to ensure the security of this new smart landscape is paramount.This is especially true in the rapidly-growing area of the Industrial IoT, or IIoT, where manufacturers, utility companies and other industrial entities look to embrace the benefits…


    With the world becoming more connected thanks to the rollout of the Internet of Things (IoT), the need to ensure the security of this new smart landscape is paramount.

    This is especially true in the rapidly-growing area of the Industrial IoT, or IIoT, where manufacturers, utility companies and other industrial entities look to embrace the benefits of digital technology in the so-called Industry 4.0.

    However these businesses, many of whom are huge corporations that have been in operation for decades are often laden down with aging legacy infrastructure that is both outdated and essential at the same time – so how do we go about securing this?

    • Trend Micro: IoT brings innovation, but also threats
    • Why IoT security should be top of your list
    • Trend Micro Antivirus+ Security review

    Awareness

    “The problem is that the stuff that you buy for those kind of environments is supposed to last you 30 years or so,” Rik Ferguson, VP Security research at Trend Micro, toldTechRadar Proat the recent InfoSecurity London event.

    “It’s not high turnover equipment…there’s a lot

    Read More

    Continue Reading
    GDPR

    Drowning in GDPR? Five data strategies to navigate GDPR compliance

    About the authorNigel Tozer is Solutions Marketing Director EMEA at Commvault.Regardless of where in the world you work, every business today needs an understanding of global privacy regulations like GDPR, and how to comply with them. Over one year on from GDPR’s inception many businesses are struggling to implement data strategies that help them to meet…


    About the author

    Nigel Tozer is Solutions Marketing Director EMEA at Commvault.

    Regardless of where in the world you work, every business today needs an understanding of global privacy regulations like GDPR, and how to comply with them. 

    Over one year on from GDPR’s inception many businesses are struggling to implement data strategies that help them to meet this challenging regulation; however, with the potential risks and loss of customer trust that you jeopardise by not safeguarding your customers’ data, now is the time to act. 

    As a starting point, there are five main data strategies that can help you on your data protection journey.

    • Ten tips for GDPR compliance
    • GDPR Subject Access Request: authentication cannot be an afterthought
    • Understanding how GDPR has impacted fleet managers

    Get to know your data

    Data management is complex, and making sure that it doesn’t prevent you from complying with GDPR is difficult. But to tackle this, think of GDPR as knowing about what type of data you have. The data that is held by businesses, especially unstructured data, can often become messy due to the fact that everyone who can access it has the ability to use it, copy it and change it. When it comes to personal data, many businesses treat it as though they own it, when actually, they are merely the custodians.

    Data mapping – pinpointing personal data, its content and its risk profile – helps stakeholders to understand the ‘before and after’ of a breach, which in turn helps to predict where a loss could occur and the potential impact this could have. There are going to be incidents no matter what, so the data protection team needs to plan for the worst, as the regret of knowing you didn’t do everything you could is very unpleasant indeed.

    Image credit: Pexels

    Image credit: Pexels

    (Image: © Image Credit: Rawpixel.com / Pexels)

    Mitigate the people problem

    When it comes to the people in your business, everyone is accountable for data, from the C-level in the boardroom, all the way

    Read More

    Continue Reading
    GDPR

    How to protect yourself online in 2019

    About the authorNick Shaw is Vice President and General Manager of Symantec’s Norton business across Europe, the Middle East & Africa. It’s been a whole year since the General Data Protection Regulation (GDPR) came into effect. Yet the changes it brought continue to be vitally important. Why? Because it raised the standards for the protection of…


    About the author

    Nick Shaw is Vice President and General Manager of Symantec’s Norton business across Europe, the Middle East & Africa. 

    It’s been a whole year since the General Data Protection Regulation (GDPR) came into effect. Yet the changes it brought continue to be vitally important. Why? Because it raised the standards for the protection of EU consumers’ data and privacy – and made these standards enforceable by potentially massive fines for organisations that fail to keen their customers’ data safe. GDPR also gave consumers new rights – such as the right of erasure – so you can request your personal data be deleted. 

    Organisations have also had to improve how they store and manage your data, for example by using better encryption and more secure methods of transmitting information. What’s more – companies must now disclose any breaches within 72 hours of them taking place. This is all extremely important, because – as revealed by the 2018 Norton LifeLock Cyber Safety Insights Report (NLCSIR) – over the course of last year, a third of all British people experienced some form of cyber crime. So, if you find yourself more concerned about your privacy – it’s not surprising!

    Nor should you feel you’re alone – our research found nearly three out of four Brits (74 percent) are more alarmed than ever about their privacy. Moreover, UK consumers now view data protection as a right, not a privilege: 78 percent say they’re not willing to pay service providers to ensure their personal information is protected when using them. 

    • How to protect your privacy online with Tor Browser
    • Avoiding unwanted tracking online
    • How are consumers protecting themselves against online

    !–>

    Read More

    Continue Reading