The GDPR Deadline Is Near & Business Is Not Ready

Under half of businesses are aware of forthcoming data protection laws they'll be subject to in just four months' time - or what the new legislation means for how information security is handled.

A lack of awareness about the forthcoming introduction of General Data Protection Regulation (GDPR), a new set of rules from the European Union which aims to simplify data protection laws and provide citizens across all member states with more control over their personal data, has led the UK government to issue a warning over businesses' lack of preparation for the change.

GDPR comes into force on 25 May 2018 and those who are found to misuse, exploit, lose, or otherwise mishandle personal data could potentially face huge fines: up to four percent of company turnover. 

Organisations could also face penalties if they're hacked and attempt to hide what happened from customers.

But, despite the risks associated with not being GDPR compliant, a government survey has found that many organisations aren't prepared, or even aware, of the legislation and how it will impact their security strategy.

Only one in four businesses in the construction sector are aware of GDPR, and awareness in manufacturing is also low. The finance and insurance sectors are said to have the highest awareness of the legislation.

Overall, the report says just under half of businesses, including one-third of charities, have made changes to their cybersecurity policies as a result of GDPR. Such preparations can include creating or improving cybersecurity procedures, hiring staff, and making concentrated efforts to update security software.

However, many still risk the prospect of being fined due to a lack of preparation, the government has warned.
"These figures show many organisations still need to act to make sure the personal data they hold is secure and they are prepared for our Data Protection Bill," said digital, culture, media and sport secretary Matt Hancock.

Rather than being fearful of GDPR, the ICO suggests organisations should embrace GDPR as a chance to improve how they do business.

"The GDPR offers a real opportunity to present themselves on the basis of how they respect the privacy of individuals, and over time this can play more of a role in consumer choice. Enhanced customer trust and more competitive advantage are just two of the benefits of getting it right," said information commissioner Elizabeth Denham.
Despite the UK preparing to leave the European Union, GDPR will still apply to organisations within the UK. The government says it will incorporate all GDPR rules issued by the European Union into a new Data Protection Bill scheduled for May. 

For Further GDPR Information please contact The GDPR Advisory Board

ZDNet

You Might Also Read: 

GDPR For Dummies:

What You Need to Know About The General Data Protection Regulation:

 

« The AI Lock In Loop
Business Cybersecurity Strategy »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Bunifu Technologies

Bunifu Technologies

Bunifu Technologies is an Information Security and Custom Software Development Company.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

CipherBlade

CipherBlade

CipherBlade specializes in blockchain forensics, data science and transaction tracking.

Cyway

Cyway

Cyway is a value-added cybersecurity distributor focusing on on-prem, cloud solutions and hybrid solutions, IoT, AI & machine learning IT security technologies.

Red River

Red River

Red River is a technology transformation company, bringing 25 years of experience and mission-critical expertise in analytics, cloud, collaboration, mobility, networking and security solutions.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

Nemstar

Nemstar

Nemstar is a specialist in Information Security & Cyber Training with over 25 years' industry experience.

Securitum

Securitum

Securitum is a leading penetration testing company in central and eastern Europe.