IT Pro Portal: Into the breach: why we’re seeing a sharp rise in GDPR violations

itproportalMore than a year into GDPR, what’s the effect been?

It’s now over a year since GDPR came into effect, and although the impact of the regulation is starting to be felt, there’s still a long way to go before the true security picture in Europe becomes clear.

GDPR requires that organisations must disclose to national data protection agencies (DPAs) any breaches of security leading to “the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed to local data protection authorities not later than 72 hours after having become aware of it”.

To read the full article click here.

IT Pro Portal – The future of security – a 2019 outlook

itproportalBased on the way the industry is moving, 2019 is set to be an exciting year as AI gains more prominence and, quantum and crypto-agility start to make themselves known.

From the record-breaking number of data breaches to the implementation of the General Data Protection Regulation (GDPR), 2018 will certainly go down as a memorable year for the cybersecurity industry. And there have been plenty of learnings for both the industry and organisations, too.

Despite having two years to prepare for its inception, some companies were still not ready when GDPR hit and have faced the consequences this year. According to the law firm EMW, the Information Commissioner’s Office received over 6,000 complaints in around six weeks between 25th May and 3rd July – a 160 per cent increase over the same period in 2017. When GDPR came into force, there were questions raised about its true power to hold companies to account – with the regulation saying fines could be implemented up to £16.5 million or 4 per cent of worldwide turnover. The latter half of this year has shown those concerns were unfounded, with big companies, including Uber as recently as this week, being fined for losing customer data. What 2018 has shown, is the authorities have the power and they’re prepared to use it.

To read the full article click here.

IT Pro Portal – UK companies lag behind in securing cloud data

itproportalUK companies are falling behind the rest of Europe when it comes to securing data on cloud services, a new report has revealed.

The report from Gemalto, entitled “2018 Global Cloud Data Security Study”, says the vast majority of global companies have adopted cloud services (95 per cent), but not all treat security the same.

“While it’s good to see some countries like Germany taking the issue of cloud security seriously, there is a worrying attitude emerging elsewhere,” said Jason Hart, CTO, data protection at Gemalto. “This may be down to nearly half believing the cloud makes it more difficult to protect data, when the opposite is true.

“The benefit of the cloud is its convenience, scalability and cost control in offering options to businesses that they would not be able to access or afford on their own, particularly when it comes to security. However, while securing data is easier, there should never be an assumption that cloud adoption means information is automatically secure. Just look at the recent Accenture and Uber breaches as examples of data in the cloud that has been left exposed. No matter where data is, the appropriate controls like encryption and tokenisation need to be placed at the source of the data. Once these are in place, any issues of compliance should be resolved.”

To read the full article click here.

IT Pro Portal – Consumers don’t trust the security of their IoT devices

itproportalThe vast majority of consumers say that they don’t trust the security protection within their IoT devices, new research has claimed.

A new report by Gemalto found that more than two thirds of consumers, as well as 80 per cent of organisations, would like to see the government getting involved in IoT security.

“It’s clear that both consumers and businesses have serious concerns around IoT security and little confidence that IoT service providers and device manufacturers will be able to protect IoT devices and more importantly the integrity of the data created, stored and transmitted by these devices,” said Jason Hart, CTO, data protection at Gemalto.

“With legislation like GDPR showing that governments are beginning to recognize the threats and long-lasting damage cyber-attacks can have on everyday lives, they now need to step up when it comes to IoT security. Until there is confidence in IoT amongst businesses and consumers, it won’t see mainstream adoption.”

To read the full article click here.