Cyber-breaches, hacking, and other online attacks on our technology and IT systems are a part of everyday life. Barely a day goes by without a report of an organisation, corporation, or institution being brought to its knees by a malicious attack. And when an attack has an impact on those institutions that ‘really’ matter to us, as we’ve seen with the NHS ransomware attacks, we all sit up, take notice, and ponder just how safe we all are when operating in an online environment.
The General Data Protection Regulation (GDPR) is due to come into force in a little over a year’s time (25 May 2018). Among the many changes ushered in, GDPR introduces a new governance requirement: the duty on the part of certain organisations to appoint a data protection officer (DPO).
Will your organisation fall under this new requirement? Read on to find out…
“The use of outsourcing to the cloud and other third party IT services can have a positive impact on competition in financial services”
This quote, taken from the current FCA guidelines on cloud-based data storage, highlights the idea that not only are cloud services approved, but they can also bring significant benefits.
Take the marketing hype at face value and you’d be forgiven for thinking that Cloud Data Storage is the “magic solution” for all your data needs. So how much of this is true? A startup looking to build its infrastructure from scratch or a larger company with an increasingly mobile workforce are just two of the types of business for whom the Cloud might have considerable advantages. But what if your existing on-site provision has served you well so far and you just need an extra boost in capacity? As for your clients, why needlessly provoke security concerns by shifting data off-site if the current way of doing things has worked so far?
If you’re a company that operates under the compliance regulations of the Financial Conduct Authority (FCA), then you need to be aware of your responsibilities when it comes to storing data. Ensuring that all reasonable measures have been implemented in relation to the safety, security and integrity of data is a critical component of your corporate diligence and duty. The FCA makes this point abundantly clear in its data compliance fact sheet, available via its website.
Encryption can be a valuable tool in your data security arsenal, delivering a range of benefits to individual computers and corporate networks alike. Encryption as a concept has existed for millennia, with codes and cyphers used to keep messages hidden as far back as ancient Egypt, Greece and Rome.
Statistically, your organisation is likely to be targeted by cyber criminals at some point - and, of course, building the type of environment to protect you against that threat requires financial outlay. So how much should you be spending - and where should resources be allocated?
Failure to abide by the FCA’s rules on data protection opens up the possibility of being subject to the full range of the Authority’s enforcement powers - the latest details of which can be found here.
Statistics from earlier this year give a picture of how long it takes for UK businesses to recover from a disruptive security breach. A third said it took up to a full day for operational recovery to occur, while a small yet still significant minority said it took considerably longer.
Online security threats are among the biggest dangers faced by a business these days, with the collective cost to UK businesses reported to be in excess of £34 billion annually. And the rise in remote working brings with it an increased threat of data breaches and security risks.