The need to embrace GDPR and see it as more than just another compliance requirement!
Data breaches have unfortunately become so common that we are no longer shocked or surprised when we hear of the latest cyber security incident as they are occurring every day!
We all remember when an activist group calling itself the Guardians of Peace (GOP) hacked Sony Pictures Entertainment using malware and claimed to have stolen over 100 terabytes of data including marketing plans, unreleased films, personal information of employees and much more.
Another high-profile incident that springs to mind is the Ashley Madison incident in 2015, a software vulnerability enabled hackers to access and leak 32 million user records such as email addresses and account details etc.
More current and closer to home, Bupa had a data breach in July 2017 affecting 500,000 insurance customers. In a statement, Bupa said that a Bupa employee inappropriately copied and removed information relating to international health insurance plan customers. In May 2017, hundreds of companies globally, including 47 NHS trusts in the UK, were affected by a highly destructive ransomware program known as “WannaCry”.
As technology advances, the problem is only going to get worse, the world of the “Internet of Things” will see cars, aeroplanes, trains, drones and many more as exploitable computers, and if you have ever watched the TV series Homeland in 2014 where a terrorist hacked into implanted pacemakers to kill targets, what does that mean for electronic insulin pumps, MRI scanners and prosthetics?
Each of these different exploits teach us that it is more important than ever to keep our data safe, however there is no silver bullet for cyber security. With the ever-changing threat landscape we need a more holistic approach with security by default and design as per GDPR framework, with integrated layers of security, to protect us again insider threats, malware, phishing emails, software vulnerability and human error using the right tools for the job and a fully committed workforce tasked to protect the organisation and its customers.
Selecting the correct security partner is crucial to the success of your business. Metsi provide information, technology demonstrations and impartial guidance , we aim to match your needs, business values and delivery objectives with technology then support you with end to end delivery and ongoing management.