CYBER & INFOSEC

"blogger, InfoSec specialist, super hero ... and all round good guy" 

DISCUSSIONS, CONCEPTS & TECHNOLOGIES FOR THE WORLD OF

JOIN THE DISCUSSION

Data Security in the Wake of GDPR Compliance

The European Union's General Data Protection Regulation, or "GDPR," is a law based entirely on data protection and user privacy from corporate enterprises. With a lot of data and information being stored on the Internet of Things (IoT) and then used for advertising and marketing, keeping more information safe seems like an idea most people can get behind.


However, while the sentiment of the GDPR is fair enough, a lot of companies have struggled to keep up with regulatory guidelines regarding security. Some companies fall out of compliance only to find themselves unprotected later on. GDPR compliance doesn't have to be difficult to achieve, though, no matter how large the business is.


Toward a GDPR-Compliant Network


Since going into effect in 2018, GDPR has applied to 97 percent of firms. However, only 59 percent of businesses said they're meeting GDPR standards today, with another 29 percent saying they hope to be within regulations inside of a year. Getting under compliance for GDPR is how security is achieved in the first place, which is why some companies find the standards so difficult to implement, especially quickly.


Companies that are compliant with GDPR face a lower risk of being breached, with a 74 percent chance compared to those not in compliant who have an 89 percent chance. When a breach does occur, as no security is ever truly perfect, fewer records will be stollen and downtime is often shorter. Those without compliance have, on average, 212,000 records impacted, while those under GDPR only have about 79,000.


Breaches and Fines


Between May 2018 and January 2019, there were over 59,000 data breaches across Europe — at the same time GDPR was going into effect. Netherlands, Germany and the United Kingdom were the countries with the most breaches. Under the GDPR, all of these companies were required to report the situation to clients within 72 hours of discovering the breach.

Out of those 59,000 breaches, only 91 breaches resulted in fines for violations of GDPR rules and standards. The fine for violating these rules is either 4 percent of global revenue or 20 million euros, depending on which figure is higher. Before the GDPR implementation was complete, fines were only a few hundred thousand euros.


GDPR Benefits


Despite the difficulties with becoming compliant, GDPR is worth the harsh regulations. Simply remaining aware of challenges surrounding data privacy and forcing companies to be on guard is enough to defend against some breaches. There has also been a lot of improvement in privacy and data protection systems thanks to GDPR. The strict rules that make compliance so difficult are exactly what make the regulations work.

Of the 97 percent of firms subjected to GDPR, 42 percent found greater innovation from having the correct controls at their disposal and 41 percent discovered better operational efficiency from better organization. GDPR has been a plus in the public eye, too, as 41 percent said they gained a competitive advantage and 36 percent claimed gains on appeals to investors.


Better Data Security


The business world is becoming controlled by data, since this is the best way to know trends before they can happen. Consumers' desires through the market are exemplified through data, so businesses dig through what they can to get a competitive edge. None of this private information is "necessarily" at risk, but all of it does present a tempting target to unscrupulous third parties — especially when users aren't engaging with websites with full knowledge about which types of information may be transmitted.

GDPR is built to protect the consumer, so achieving compliance is bound to get you seen in a better light while also being more secure all around.


Kayla Matthews tech journalist & writer

https://productivitybytes.com/

doctorchaos.com and drchaos.com is a blog dedicated to Cyber Counter Intelligence and Cybersecurity technologies. The posts will be a discussion of concepts and technologies that make up emerging threats and techniques related to Cyber Defense. Sometimes we get a little off-topic. Articles are gathered or written by cyber security professionals, leading OEMs, and enthusiasts from all over the world to bring an in-depth, real-world, look at Cyber Security. About this blog doctorchaos.com and drchaos.com and any affiliate website does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed, purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein. Everything on this blog is based on personal opinion and should be interoperated as such. Contact Info If you would like to contact this blog, you may do so by emailing ALAKHANI(AT)YMAIL(DOT)COM  

SOCIALS 

SUBSCRIBE 

 Keeping you informed | Latest News 

© 2018 Dr. Chaos