Only three months short of its first year anniversary on May 28, it’s time to take a look at EU’s GDPR by numbers. Enforced to protect European users from unethical and illegal commercial practices, the internet privacy law has so far led to three major fines for privacy infringement.
EU data protection legislation aims to give users more control over their personal data, and threatens companies with fines for collecting data without user consent and for data breaches. Countless companies have been struggling to become GDPR compliant, but it seems major tech players may not have taken it seriously. After Facebook and Google drew criticism for violating EU’s data protection law, it is now Microsoft’s turn to take the heat.
While industry reports claim ransomware attacks have dropped, cybersecurity insurance company Beazley Breach Response (BBR) Services has reported otherwise. According to businesses benefiting from its insurance deals, there has been a surge in the number of reported ransomware attacks, especially in September, when incidents nearly doubled from a month earlier.
Cybercriminals have unwittingly created an impressive, and legal, money-making opportunity – cyber insurance. The cyber insurance market is about to become huge, as experts believe companies will double their spending by 2020 to some 8 billion – 9 billion dollars compared to last year’s average of 3.4 –billion 4 billion, Munich Re, the world’s leading German reinsurance company, recently announced.
With speech recognition and voice-activated personal assistants slowly making their move into the corporate world, companies will have to adjust their security and digital strategies, infrastructure and customer interactions.
2018 appears to be the year of regulatory compliance, threatening to hinder all IT initiatives and projects. Whether it’s The Payment Card Industry Data Security Standard (PCI DSS), the banking sector’s PSD2 (Revised Payment Service Directive), NIST for federal agencies or the EU’s boogey-man - Global Data Protection Regulation (GDPR), organizations worldwide are struggling to meet all industry-specific guidelines and recommendations to avoid substantial fines following an incident.
About a year ago, Europe’s largest electrical and telecommunications retailer was hacked, compromising 5.9 million customer cards and 1.2 million personal records. Dixons Carphone claimed it had been unaware of the breach until recently, so no information had been held back from their customers or regulatory bodies.
Less than two months before the European Union enforces its stringent General Data Protection Regulation (GDPR), businesses are rushing to achieve compliance, procedurally and technologically.
One of the hottest topics in the business world these days is the General Data Protection Regulation (GDPR), the European Union’s endeavor to create a unified framework that governs how data collectors and processors safeguard the privacy of their users and build walls that cybercriminals can’t penetrate.
In 2017, Gartner found organizations were gravely underprepared for the European Union’s General Data Protection Regulation (GDPR). More than half of companies affected will not be in full compliance when the regulation takes effect in May 2018, the group said.
As bad actors continue to hone their skills and governments keep raising the penalty for getting breached, large organizations across the globe seem to be doing little to mitigate the risks associated with cybercrime – despite knowing better for years.
The deadline for full compliance with the European data protection law is right around the corner, but businesses still lack awareness and must overcome many security oversights. Surprisingly, as few as 38 percent of companies in the UK have actually heard of GDPR, according to a government survey. If businesses are not prepared by May 25, when the law takes full effect, they could face fines worth up to €20 million.
