Cyber risk – in the eyes of GDPR

17 November 2016

By Chrissie Davis

Eximia Comms | Cyber Risk


Whilst Tesco Bank has enlisted the help of the National Cyber Security Centre (NCSC) and quickly reimbursed the 9,000 customers who were affected by the recent £2.5m cyber attack, the gravity of the forthcoming EU General Data Protection Regulation (GDPR) has become clear. Given that companies can be fined up to 4% of worldwide group turnover, it has been estimated that Tesco Bank could be fined nearly £2bn under GDPR rules for this incident.

Elsewhere, a year on, a 17-year-old has pleaded guilty to seven hacking offences, which cost TalkTalk a predicted £60m, including a record £400,000 fine from the ICO. Again, if the breach had occurred under the GDPR, TalkTalk would have been fined in the region of £70m.

These two examples make it patently clear that businesses need to take immediate action. An action plan needs to be in place, and the necessary tasks carried out, to ensure compliance before the GDPR comes into force in May 2018; otherwise, they face an increasing threat of serious reputational and financial risks.

Are your employees aware of the forthcoming changes? Is there an intention to create a communication plan to raise awareness of the impact that the GDPR will have on your business? If not, we can help you create this plan and then design campaigns that will help increase understanding in a practical and relevant way.

Chrissie Davis

Founder and Chartered Secretary
