A comment made frequently to me by many a small business about GDPR is “all the hype leading up to 25th May and since then, there has been nothing”.
And yes businesses maybe feeling that its been quiet but the reality is far different; its just that there have been no headlines……..yet!! or perhaps the recent news on British Airways may change that.
Recently published figures highlight that within the UK there have been 6281 complaints registered with the ICO between May 25th to July 3rd 2018 . Now, not all of these maybe GDPR related but that is a 160% increase on last year. With so many complaints of course it will take time for the Regulator to investigate but rest assured more news will come. For those that have correctly invested time to understand GDPR and Data Protection Act 2018 you will know that the onus is on a business to prove their compliance so I think it fair to say that more than a few businesses maybe receiving a call or an email very soon from the ICO……
Aside from the complaints there has also been a significant increase in the number of data breaches recorded. Again, the new legislation requires a breach to be reported where this involves a risk to data subject so the increase is not surprising. Add to this the continued scary growth in cyber threats – did you know that there is a ransomware attack in a UK business every 40 seconds!! (Risk Evolves Cyber Attacks Video)
If ever there was a time to invest in or consider multi layered security to protect your IT and data now is the time to start. Consistently figures show that cyber and data breaches are due to phishing emails; c.90% of all attacks are from a staff member clicking a linking an email and multi layers will help defined against them and c.68% of these attacks can take months to become apparent (Verizons 2018 Data Breach Report).
The National Cyber Security Centre are issuing new help and guidance on security for cyber (10 steps to cyber security) which extends across many levels including good up-front perimeter security to back end monitoring and ultimately good staff education. BUT even with all of this you are still vulnerable to an attack; it’s a case of when not if……
For assurances why not invest in Cyber Essentials to reduce your risk of a cyber attack by 80% or use a friend like Risk Evolves to do the leg work for you and help you manage your way through the maze of cyber security, GDPR regulations and phishing training.
So has it all gone quiet?? Perhaps not but the silence is not an excuse for any business to rest easy or to put off really getting to grip with your data and security arrangements. Need help then get in touch.