Cyber Risk – In the eyes of the GDPR

Published on Thursday 17th of November, 2016

By Chrissie Davis

I bridge the gap between corporate and creative, helping clients save time and costs, gain added value through knowledge and insight, and deliver more considered outcomes.


Whilst Tesco Bank has enlisted the help of the National Cyber Security Centre (NCSC) and quickly reimbursed the 9,000 customers who were affected by the recent £2.5m cyber attack, the gravity of the forthcoming EU General Data Protection Regulation (GDPR) has become clear. Given that companies can be fined up to 4% of worldwide group turnover, it has been estimated that Tesco Bank could be fined nearly £2bn under GDPR rules for this incident.

Elsewhere, a year on, a 17-year-old has pleaded guilty to seven hacking offences, which cost TalkTalk a predicted £60m, including a record £400,000 fine from the ICO. Again, if the breach had occurred under the GDPR, TalkTalk would have been fined in the region of £70m.

These two examples make it patently clear that businesses need to take immediate action. An action plan needs to be in place, and the necessary tasks carried out, to ensure compliance before the GDPR comes into force in May 2018; otherwise, they face an increasing threat of serious reputational and financial risks.

Are your employees aware of the forthcoming changes? Is there an intention to create a communication plan to raise awareness of the impact that the GDPR will have on your business? If not, we can help you create this plan and then design campaigns that will help increase understanding in a practical and relevant way.

Contact us for more information.
