A recent week-long trip to Europe provided an interesting perspective on how much the state of cybersecurity sentiment in European companies has changed.
With the rise in cyberattacks at the forefront of the news on a near-daily basis, it's becoming increasingly clear that the role of risk management and security must be elevated throughout the financial services and banking markets. Physical and IT security leaders are shifting toward a more proactive approach to security than in years past to address and mitigate the latest emerging trend.
The European Union’s new General Data Protection Regulation (GDPR) came into effect in May of this year. While many in North America believe that since they are not located within the European Union the regulation does not apply to their operations, the territorial scope of the GDPR is well and truly global. Many of these companies are unaware that the GDPR is applicable to any organization conducting business within the EU, including those simply collecting data there.
Despite the ever-evolving sophistication of hackers, security-conscious cloud providers now offer a far safer environment at a lower cost than most individual companies can provide for themselves.
There seems to be a constant supply of news stories involving high-profile, high-impact criminal cyber activity. More often than not, the data breaches that we hear about occur at large businesses or global organizations. This leads many people to think that it’s only those big companies that are at risk of being attacked. They incorrectly assume that today’s cybercriminal is always looking for a giant financial payout or a huge cache of personal data. But the reality is that small and mid-size businesses (SMBs) are actually at greater risk.
Like the GDPR before it, the CCPA is getting a lot of attention because of the rights California residents will have to access data held by companies, to have that data removed, and to prohibit the sale of personal data. The new law, which does not go into effect until 2020, also creates the potential for some eye-popping payments directly to consumers impacted by a breach.
The EU’s General Data Protection Regulation (GDPR) is an important piece of legislation, yet even with the deadline passed, some organizations are still underprepared.
The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.