You should know by now that the rules are changing under the General Data Protection Regulation (GDPR) to protect the data of EU citizens, but are you ready?
All organisations were given a two-year period to make sure they were compliant, but that comes to an end on 25th May 2018.
If, like many other businesses, you have kept putting things off, here’s some help to make sure you’re ready when the time comes. If you don’t comply, you could be fined as much as 4% of your global annual turnover.
Elizabeth Denham, the UK’s information commissioner, who is in charge of data protection enforcement, said: “The General Data Protection Regulation (GDPR) is the biggest change to data protection law in a generation.
“If your business isn’t prepared, you’re leaving yourself open to enforcement action that can damage both your public reputation and bank balance.”
New research by international law firm Paul Hastings has found that over half of companies across the UK and US will not be ready for the new regulations, so they had better get a move on, because not being ready is no excuse.
Awareness is, though, and showing that you are moving in the right direction, even if you’re not quite there, will result in some leniency being shown.
5 tips to make sure you’re prepared
You might know about GDPR but does everyone in the business who needs to?
Make sure everyone knows what is on the horizon and what the impact will be on the business.
What do you know?
When it comes to other people’s data, you really need to know what you hold, how you got it and who you share it with. Having the answers now means you would be ready for any information audit that you might need to do.
2017 was a bad year for data breaches, and the court case in December, which saw Morrisons found liable for a staff detail breach, means the future could be very different, so you need to make sure you have the right procedures in place.
Now is the time to check yours and ensure they cover everyone’s rights as well as how you would go about deleting personal data and how you provide data electronically.
Under GDPR you need to make sure everyone knows exactly where they stand, so review all of your current privacy notices to make sure they meet the new regulations. If they don’t, make sure you do something about it as soon as possible.
What to do if you’re breached
In an ideal world, all of your cybersecurity efforts will prevent a data breach, but as there is never a guarantee, making sure you have the procedures in place is vital.
So have plans to detect, report and respond to a data breach to help minimise the disruption and effect.
Finally, make sure you or a designated data protection officer has familiarised themselves with all of the legislation so you know exactly what to expect.
Peter has been in the Information Security world since 1999 and in IT in general since 1996. His work history contains a unique blended balance between the development of exceptional technical capabilities and business knowledge. Peter is a proud father of twins and enjoys GT endurance racing on the weekends.