On Trend: Business Data Protection Laws

Uploaded on 2019-12-02 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

A common mistake made by businesses when starting out is to dive right into the technology without a strategic plan. This approach ignores some of the most vital points of cybersecurity and is why governments and regulatory bodies around the world have recognised a need to invest in cybersecurity.

EU nations have created the GDPR – General Data Protection Regulations.

"The digital future of Europe can only be built on trust. With solid common standards for data protection, people can be sure they are in control of their personal information," said Andrus Ansip, EU vice-president for the Digital Single Market, speaking when the reforms were agreed in December 2015.   

Smaller organisations are now embracing digital transformation. This means smaller businesses can now leverage data in the same way that only very large businesses could as recently as ten years ago. However, this exposes them to the same risks, but without the relevant infrastructure in place. 

The GDPR introduced the obligation to report personal data breaches to regulators within 72 hours of discovery, unless it is unlikely that there will be a risk to data subjects. Unsurprisingly, this led to a significant rise in the number of data breaches and cybersecurity incidents reported to European regulators since the introduction of the GDPR.

The UK regulator, the Information Commissioner’s Office (ICO), reported a 490% increase in incidents notified to them in Q2 2018 compared to Q2 2017.

Data Protection Laws
As of September 2019, over 80 countries and independent territories have now adopted comprehensive data protection laws to prohibit disclosure or misuse of information. In Europe, the General Data Protection Regulations (GDPR) and rules from industry specific regulatory bodies layered onto this provide the regulatory framework. 

Organisations who fail to look after their data correctly, face huge fines and an erosion of customer confidence in their brand, losing them customers.

Unlike regulatory bodies, cyber attackers do not discriminate based on size. Smaller organisations now have to be as wary of protecting company data as those in the enterprise. In fact, lacking years of engagement with cybersecurity provisions, SOC (security operation centre) analytics teams and protection, smaller organisations could be seen as an easier target to some cyber threats. 

No longer just the domain of large enterprises and big channel providers, there is now a gap in the cybersecurity market for comprehensive cybersecurity solutions to cater for smaller players in every industry. 

Rather than seeing it as a challenge, businesses should be open to taking control of their cybersecurity and view it as an opportunity for growth, greater customer entanglement and a potential point of differentiation. For many C-level executives concerned with IT, cybersecurity is the topic at the top of their minds. Getting it right can even open up other areas of IT spend. Once decision makers feel confident in their security, your customers are more likely to start conversations about implementing IoT, Cloud Services, and other innovations.

Time to Act
Cyber criminals can be highly innovative. It often feels like new cybersecurity vendors pop up daily to address the next new threat. This makes it difficult to determine what solutions are the best fit for your organisation, which technologies to choose, and which vendors to get skilled up on. With so many different point products on the market, often with different degrees of overlap, the amount of choice can be bewildering. Effective cybersecurity relies on having the right knowledge and monitoring tools. 

This is where good distributors play an important role in the cybersecurity market. They will be researching the market all the time. They can identify the most effective solutions and decipher how to consolidate them into an efficient and effective cybersecurity portfolio. 

This is all work you don’t have to do. Channel partners should be able to deliver tailored cybersecurity solutions and services. For those who are building up cybersecurity expertise, fully formed cybersecurity solutions which have already been developed can be leveraged straight from the distributor.   Besides removing the initial costs of developing services, the service collateral and legal contracts curated by the distributor removes a large part of the risk involved. Not to mention, throwing in marketing support and enablement around the hardened solutions they’ve developed.

Compliance and Control Policies
We should not forget that for many organisations their focus is on running and improving their core business, rather than becoming experts on cybersecurity. As you build up expertise around cybersecurity, choosing to focus on the regulatory and compliance requirements around a vertical market could become a key area of differentiation from anyone else offering cybersecurity services.

IT Models
Channel partners have been learning in recent years that the growing technology market has changed the way businesses buy, and therefore the way technology vendors sell technology. The opportunity here is for the channel to be able to offer security as a service, either around the endpoint software and its users or the system and its applications. The service could be a dedicated service or it could be embedded into an existing offering.

What’s important here is looking at how you create a fully formed, productised service that allows you to continue to add new recurring value. For examplee, when customers subscribe to your service, there needs to be a way you can continue to add new value to the service and thus justify the on-going subscription. That way you can move away from a cost-plus pricing model, to one that is based on the value you deliver to the customer. The distributor should be able to help with this process. 

Now that cloud marketplaces automate the selling and management of cybersecurity technology and solutions choosing the right platform can also make it much easier and less costly to offer cybersecurity solutions at scale to your customers. Specialists need to stay current on new cyber threats as they emerge, and talent is in short supply across the industry. If you are starting out in cybersecurity, investing in technical skills is a big commitment and may seem like an irreversible change to your business model. 

The greatest costs associated with entering the cybersecurity market come into play with sourcing expertise with demonstrable experience, training and essential development of solutions, including production of brochures and product marketing.

The easiest way to get started is to look for cybersecurity services offered by distributors and consider the services you can resell. Fully developed and trusted solutions are available, training can be supplied and technical delivery of these services will be actioned by the distributor on your behalf. Once you have established a revenue stream, the distributor should be able to offer you certified technical training for your engineers to action the services, along with sales and marketing training for your commercially focused teams.

Structured Enablement Programmes
Leading distributors tend to offer structured enablement programmes to help channel organisations transform existing operating models around the latest new technologies and high growth markets, enabling shifts from traditional reseller to services-led, or managed services to managed security services. 

Although challenges to introducing cybersecurity do exist, they are not insurmountable with the support of the right distribution partner. 

Cyber Security Intelligence can Recommend the Correct GSPR Legal Advice and Cyber Security Training for you and your Organisation.  Please Contact Us for Free Advice.

TechRadar:           European Union:       Beazley Academy:          ZDNet

You Might Also Read:

The GDPR Wake-Up Call Is Being Ignored By Business:

 

« British Elections: The Parties Manifestos On Cyber
US & China Are Investing Big In Quantum Computing Simulation »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CERT-UG/CC

CERT-UG/CC

CERT-UG/CC is the national Computer Emergency Response Team for Uganda, operating under the National Information Technology Authority (NITA-U)

Materna Radar Cyber Security

Materna Radar Cyber Security

Radar Cyber Security is the only European supplier of Managed Detection & Response who provides its services based on inhouse developed technology.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

Pareteum

Pareteum

Pareteum is a leading Global provider of mobile networking software and services. Our mission is to provide a single solution to the problem of fully enabling and securing the Mobile Cloud.

Celerium

Celerium

Celerium transforms cyber defense for both companies and industry sectors by leveraging cyber threat intelligence to defend against cyber threats and attacks.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Intellias

Intellias

Intellias is a trusted technology partner to top-tier organizations and digital natives helping them accelerate their pace of sustainable digitalization.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

RightCue Assurance

RightCue Assurance

RightCue Assurance identify opportunities for improvement in the Information Security for your organisation and work with you to reduce cyber risk.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.

Pontiro

Pontiro

At Pontiro, we are enabling a new era of data-sharing. Bridging the gap between protected data and valuable insights through the use of cutting edge Homomorphic Encryption.