Articles about GDPR

With a recent, but less publicized executive order from President Trump, there are things happening on both sides of the Atlantic with regard to personal data, and it looks like the US and the EU have very different ideas about which direction to take.

We all leave a digital trail these days, just going about our daily business. Much of it we don't think about, and we often consciously choose to trade this personal data ourselves, in exchange for free services. Think about it, your Internet searches, social media, the websites you visit and your location while you're doing it, even exercise activity and your home heating usage via a smart thermostat, all have data harvested and monetized by big business.

Continue reading →

The new GDPR legislation is now just a year away from coming in to force, but new research claims that British businesses are not nearly as prepared as expected.

A study by Blancco Technology Group reveals that the UK is significantly less prepared than its European counterparts, with companies lagging behind the rest of the continent.

Continue reading →

While the E.U.’s General Data Protection Regulation (GDPR) won’t take full effect until May 25 2018, multi-national companies do need to take thoughtful action now to be certain their E.U.-based operations will be fully compliant when the time comes.

With WannaCry, the world’s largest ransomware attack fresh in their minds, most global businesses are hyper-focused on data security in formulating responses to GDPR. However, many are less well organized in their approach to the data privacy issues related to the new regulation. The lack of a well-formulated approach should give global companies pause though, particularly because the definition of data privacy under GDPR is especially broad, and because harnessing IoT data can be very challenging.

Continue reading →

The EU General Data Protection Regulation (GDPR) comes into force on May 25th 2018, but a new survey by data protection company Varonis shows companies are struggling to meet the deadline and are pessimistic about its effects.

The results from 500 IT decision makers in the UK, Germany, France and the US, reveal that 75 percent of organizations say they will struggle to be ready for the deadline.

Continue reading →

According to a survey conducted by Lepide, a leading security auditing solutions provider, 60 percent of companies are still not able to determine who has access to their critical data. The survey was conducted during a variety of trade shows including Infosec Europe, RSA Singapore, and DataConnectors Pittsburgh, and involved 250 face-face interviews.

A common misconception amongst organizations is that all cyber threats originate from outside their organization, yet according to a report published by mcafee.com, 43 percent of data breaches were the result of malicious or incompetent insiders. This problem is emphasized by the continuous surge in healthcare related breaches. For example, according to a report published by Protenus, of the 31 health data breaches disclosed in January 2016 "59.2 percent of breached patient records were the result of insiders."

Continue reading →

Even though the GDPR is just a year from coming into force, the majority of businesses are still unprepared. This is according to new research from Compuware, which says businesses are risking huge non-compliance fines.

Some businesses, truth be told, have made progress since last year.

Continue reading →

More than four fifths (84 percent) of small business owners in the UK, and almost half (43 percent) of senior executives in large companies have no idea what GDPR is and that it’s coming.

That's according to Shred-it’s Security Tracker research, which also found that roughly one in seven (14 percent) of small business owners, and 31 percent of senior executives know what the fines of not complying with the GDPR are.

Continue reading →

In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.

The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.

Continue reading →

Every fourth European company has no idea GDPR is coming its way. Consequently, they don’t know about the dangers and the draconic fines that follow those that don’t comply with the upcoming regulation.

This is according to a new report by IDC Research, based on a poll of 700 European companies. More than half (52 percent) don’t know what the impact on their organization is.

Continue reading →

Excessive employee permissions are exposing organizations to insider threats, ransomware and other risks according to the findings of a new report.

Using its Data Security Platform, threat prevention specialist Varonis conducted over a thousand risk assessments for customers and potential customers on a subset of their file systems totaling over 236 million files and 3.79 petabytes of data.

Continue reading →

With implementation of the EU's General Data protection Regulation less than a year away, a new study reveals that many firms are worried about the effect it could have on their bottom line.

The survey from information management company Veritas shows 38 percent of companies think they could lose customers or go out of business as a result of non-compliance. UK firms are expected to spend $1.4 million on GDPR compliance by 2018, but only 37 percent are ready now.

Continue reading →

Even for businesses in sectors like finance and healthcare where compliance and security is ingrained in the culture, protecting sensitive information is a major challenge.

For other sectors where it's incidental to the main business, compliance can be a major headache. With new payment card security requirements and other regulations like GDPR coming into force, businesses in sectors like hospitality need to up their game. We spoke to Geoff Milton, security strategist at data protection company ShieldQ to find out how the hospitality industry can overcome the headaches associated with compliance.

Continue reading →

The EU's General Data Protection Regulation (GDPR) comes into force in just over a year's time, but what impact will it have on business data protection efforts?

GDPR is one of the toughest pieces of data protection legislation in the world and will impose heavy penalties for non-compliance for any business around the world that collects or processes EU resident data -- even if the company is based outside the EU.

Continue reading →

Awareness of the GDPR has gone up, but B2B marketers are still falling behind and underestimating the impact of the new regulation, according to a new report by the DMA.

More than a quarter of businesses (28 percent) still feel unprepared, which is just a two percent decrease, compared to earlier numbers. The number of marketers that have a "good" awareness about GDPR has risen 13 percent, to 66 percent in total, the report claims. B2B marketers, however, are at the both ends of the spectrum.

Continue reading →

Here's a facepalm moment for you this morning -- a quarter of UK businesses stopped preparing for the GDPR thinking the regulation won't apply once the UK leaves the EU.

The GDPR, or General Data Protection Regulation, has been ratified by the UK and will come into force on May 2018 -- which will almost certainly be before the UK leaves the EU.

Continue reading →