The GDPR Deadline Is Near & Business Is Not Ready

Under half of businesses are aware of forthcoming data protection laws they'll be subject to in just four months' time - or what the new legislation means for how information security is handled.

A lack of awareness about the forthcoming introduction of the General Data Protection Regulation (GDPR), a new set of rules from the European Union that aims to simplify data protection laws and give citizens across all member states more control over their personal data, has led the UK government to issue a warning over businesses' lack of preparation for the change.

GDPR comes into force on 25 May 2018 and those who are found to misuse, exploit, lose, or otherwise mishandle personal data could potentially face huge fines: up to four percent of company turnover. 

Organisations could also face penalties if they're hacked and attempt to hide what happened from customers.

But, despite the risks associated with not being GDPR compliant, a government survey has found that many organisations aren't prepared for, or even aware of, the legislation and how it will impact their security strategy.

Only one in four businesses in the construction sector are aware of GDPR, and awareness in manufacturing is also low. The finance and insurance sectors are said to have the highest awareness of the legislation.

Overall, the report says just under half of businesses, including one-third of charities, have made changes to their cybersecurity policies as a result of GDPR. Such preparations can include creating or improving cybersecurity procedures, hiring staff, and making concentrated efforts to update security software.

However, many still risk the prospect of being fined due to a lack of preparation, the government has warned.

"These figures show many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill," said digital, culture, media and sport secretary Matt Hancock.

The ICO suggests that, rather than being fearful of GDPR, organisations should embrace it as a chance to improve how they do business.

"The GDPR offers a real opportunity to present themselves on the basis of how they respect the privacy of individuals, and over time this can play more of a role in consumer choice. Enhanced customer trust and more competitive advantage are just two of the benefits of getting it right," said information commissioner Elizabeth Denham.

Despite the UK preparing to leave the European Union, GDPR will still apply to organisations within the UK. The government says it will incorporate all GDPR rules issued by the European Union into a new Data Protection Bill scheduled for May.

ZDNet
