Articles about GDPR

Businesses with dispersed and on-the-move employees are struggling to strike a difficult balance between the benefits of remote working and the security risks it creates. Security software designed to protect data at risk is nullified if it can be removed. To achieve their own stringent security aims while satisfying the demands of increasingly tight and punitive regulation, companies need a more persistent security solution.

Many organizations consider it to be only a matter of time before they fall victim to a cyberattack. PwC's 2016 Economic Crime Survey revealed that over half of responding UK organizations consider it likely they’ll suffer from cybercrime in the next two years. The prevalence of cybercrime makes detection and response capabilities critical in business today.

Continue reading →

Whoever gets to enforce GDPR on businesses is going to have their hands full starting May next year. According to DMA, 26 percent of marketers believe their businesses are unprepared for the General Data Protection regulation, and just two thirds (68 percent) believe they will be compliant in time for the deadline, which is May 2018.

In the second edition of DMA’s "GDPR and you" series, it says that two thirds of marketers (66 percent) have "good" awareness, up from 53 percent in June last year.

Continue reading →

Despite the fact that the media has dulled its teeth and worn out its keyboards, talking and reporting about the General Data Protection regulation (GDPR), less than half (47 percent) of businesses in the UK are aware of it. What’s more, just four in ten (40 percent) are fully aware of the NIS Directive.

Both documents will be coming into effect in 2018, and will significantly change how we do business online.

Continue reading →

The data processing landscape has seen huge changes since 1995, in May 2018 the EU is replacing the Directive with a new regulation, the General Data Protection Regulation (GDPR). Enforceable from May 2018, organizations have had to take account of their responsibilities under the DPA for many years now.

Many have mature and well-considered data management policies in place that already address elements of the GDPR. Nonetheless, with the threat of significant penalties for data breaches under the GDPR it would be prudent to reexamine procedures and to consider how these can be enhanced to ensure compliance when GDPR comes into effect in May 2018.

Continue reading →

The European Union’s General Data Protection Regulation (GDPR) is due to come into force on May 25, 2018. This means that IT teams have more than a year to audit their IT systems, check existing customer records and data, and ensure that these systems respect the new set of rules that will be in place.

However, the gap between intentions and actions can be a big one. So what do I predict will happen around GDPR in 2017?

Continue reading →

If there’s one thing you can say with certainty about cyber-security in 2017, it’s that many companies are going to fail because they are simply not doing the right thing. Fundamental flaws still exist.

Until the technical people lift their heads up and see that security and business are different sides of the same coin, we will inevitably see more damaging attacks. When security people learn to speak in the language of business they will begin to understand just where in the organization they need to apply their expertise.

Continue reading →

The concept of data protection has been around for many years, since the UK first implemented a Data Protection Act in 1984. The general data protection regulation is a piece of legislation drawn up by the European Commission to unify data protection within the EU and to govern the export of personal data beyond the EU’s boundaries.

GDPR is due to come into force across the EU in May 2018 following a two year transition period. Being a regulation rather than a directive, it doesn’t require enabling laws to be passed by member states.

Continue reading →

When GDPR (General Data Protection Regulation) comes into force in 2018, businesses not adhering to cybersecurity best practices risk either €20 million in fines or four percent of their annual global turnover, whichever is bigger.

The media has been buzzing about this a lot lately, but how much is four percent really, at least among UK organizations? According to PCI Security Standards Council -- that could be up to £122 billion. Here’s how PCI SSC came to that conclusion.

Continue reading →

The GDPR is drawing ever closer, but organizations which will be directly affected by it still don't know how to approach the new regulation, a new study by Dell shows. Ever since it was unveiled that the General Data Protection Regulation will come into effect in May 2018, surveys have been done to see if companies are preparing themselves for it, and if they will be ready to comply with it in time.

Never have these reports shown positive or encouraging results, and the new one by Dell is no different. Still, organizations aren't even close to being prepared. More than 80 percent say they know close to nothing about GDPR. Less than a third are ready for GDPR today. Almost 70 percent of IT and business professionals say they are not, and that they don't know if their companies are ready.

Continue reading →

Time is relentless. The GDPR is moving ever closer, while at the same time apps aren’t. And that’s a huge problem for businesses, because if apps are not GDPR-compliant, they’re not GDPR complaint. That can mean huge fines, possibly even the end of businesses.

The fact that apps are far away from being GDPR compliant came as a result of a new and extensive study by Blue Coat Labs. The company analyzed more than 15,000 enterprise cloud applications in use and 108 million enterprise documents stored and shared within them.

Continue reading →

Another day, another Brexit story. It’s going to be years before we stop hearing the various implications and results of the recently held UK referendum on leaving the European Union.

This time, it’s about private data and its sharing to third-parties, by private companies, without users’ consent.

Continue reading →

Using cloud apps in a business environment, be it Shadow IT or not, is going to be risky business in a couple of years, as a vast majority of today’s widely used apps do not comply with the upcoming rules and regulations of the EU GDPR.

GDPR, or general data protection regulation, is a EU-crafted document aimed at regulating the corporate use of data, and how businesses must act in order to ensure maximum safety of customer data used, as well as privacy. It will come into force in less than two years.

Continue reading →

Records management is once again back on the business agenda, driven by the new European Union General Data Protection Regulation (GDPR), which comes into effect in under two years from now. Through the GDPR, the European Commission intends to strengthen and unify data protection for individuals within the EU. This new directive represents a substantial leap in scope compared to previous versions of this regulation; and its non-compliance poses a major risk to businesses.

No organization can take lightly the risk of a sanction that can be up to four percent of its worldwide turnover.

Continue reading →

In a world more concerned than ever with privacy and data security, law makers are scrambling to keep up to date. With the growth of the internet, many old and inappropriate laws have been bent to fit a purpose they were not designed for. A case in point are European data protection directives which date back more than two decades.

In April this year a new law was adopted -- the General Data Protection Regulation, or GDPR. With compliance with the law required of the 28 EU member states by 25 May 2018, a two-year countdown is now underway. GDPR is welcomed by Mozilla who is using the 24-month compliance deadline to draw attention to some of the regulation's highlights.

Continue reading →

The moment of reckoning is on its way for companies that collect or store data on European Union citizens. Last week EU legislators signed data privacy regulations into law, creating what may be the most stringent data protection law in place today. The requirements will not be easy for many companies to meet and will demand financial and personnel resources. There is sure to be criticism that the EU stifles technology innovation. In reality, the GDPR demonstrates a progressive approach to data transactions and the digital economy. The introduction of the regulation states, "The protection of natural persons in relation to the processing of personal data is a fundamental right…".

Essentially, the law codifies the concept that data transactions come with responsibility on the part of the collector. As technology continues to advance, establishing this foundation of trust is a necessary step. Complying with the regulation may seem onerous, but think from the consumer’s perspective. Organizations gather more data than ever. Huge headaches and hardships arise when data is  stolen or lost. The regulation puts in place best practices to ensure companies offer a necessary level of security and treat personal data with the respect it deserves.

Continue reading →