GDPR and cybersecurity

by GDPR Associates | 14th April 2019 4:51 pm

The EU’s General Data Protection Regulation (GDPR) has been in force for almost a year. It has presented organisations with numerous and onerous obligations intended to enhance their accountability and protect personal data. The GDPR also provides data subjects with new rights to ensure transparency in the manner in which such organisations collect, store, process and transmit information about them. The process has led entities to revise their current procedures and contracts, provide training to all employees, conduct privacy impact assessments, and revisit and enhance their existing controls.

Cyberattacks, malware and phishing attacks remain an ever-present risk to both private and public sector organisations. Data loss or data breach incidents may lead to considerable fines under the GDPR, in addition to the reputational damage that such risks present. Against this backdrop, as organisations strive to enhance their information security infrastructure to prevent such incidents and the loss of personal data as well as confidential business data, the focus on cybersecurity has never been sharper.

Digital transformation has ensured that cybersecurity is one of the biggest issues currently facing organisations. In the near future, cybersecurity will continue to grow as a priority as the business world becomes increasingly digital and cyber threats grow in number and sophistication. To succeed in such a scenario, organisations must prepare themselves for emerging threats and issues by having a proactive people-centred strategy in place. Handled successfully, cybersecurity can give organisations the chance to raise awareness at the C-suite level, thereby helping to strengthen information security.

Yet far from having a negative bent, cybersecurity could prove to be the making of many organisations. In the coming years, it offers firms the chance to lead on some of the biggest changes that business will undergo. Being aware of the main requirements and obligations of GDPR carries the potential to enhance business operations. Taking measures to prevent and minimise the impact of incidents affecting network and information systems on core services ensures their smooth continuity, a feature of businesses which is becoming even more critical to both internal and external operations.

This article was originally posted here:[1]

