Last Friday, the NHS and organisations around the world faced major disruption thanks to the most serious cyber-attack we’ve seen so far. The attack highlighted the gaping security holes that millions of organisations have within their IT infrastructure, and the consequences these can have on business continuity. In the case of inaccessible patient records, it also brought forward the question of data safety. Now you may be asking yourself what steps you need to take to ensure your business is protected against future cyber threats.
With the EU General Data Protection Regulation (GDPR) legislation coming into force in May 2018, how you store and process data is set to change. At the heart of the GDPR are the severe penalties to be issued to any company which allows the personal data of EU citizens to be compromised. These fines weigh in at either €20 million or 2% of a company’s annual turnover, whichever is greater – a figure which would deal a devastating blow to most businesses. Protecting yourself from ransomware, phishing and other nastiness is a critical step on the road to data protection. Ensuring your sensitive data can’t be hijacked via malicious software leaves one less avenue of opportunity for you to worry about.
While the WannaCry ransomware of last week’s global attack may have been stopped in its tracks, a new more resilient strain has likely already been dispatched to the World Wide Web, and it has the potential to do even more damage than the previous version. Certain strains of ransomware affecting computers today have been observed not only encrypting files, but also uploading them to web servers, thus passing them into the hands of cyber-criminals.
If your business holds customer data of any kind (and let’s be honest, it almost certainly does), ransomware with the capability not just to lock that data but to share it with the world should be a critical priority for your IT staff. Having a list of users’ addresses, login credentials, or even credit card information encrypted could be an issue in itself, but if those details suddenly find themselves on sale to the highest bidder? A breach of the GDPR would be unavoidable.
But there’s no need to panic; you can protect yourself from malware and cyber-crime. With secure and resilient IT infrastructure, and the necessary training to help your staff avoid social engineering and phishing attacks, you can stay one step ahead of the hackers – and the GDPR auditors.
On Tuesday June 20th, we’re holding a Security Summit at Skylark Golf and Country Club, Whiteley. In partnership with Barclays and the Hampshire Chamber of Commerce, we’ll be tackling these topics – GDPR compliance and cyber-security. Protecting your data has never been more relevant, or more challenging. Join us on June 20th to learn more about the next steps your business should take.
Sign up for our seminar or webinar on June 20th here.