Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Cybersecurity In Europe Is Improving: Thank You GDPR?

by The Gurus
December 7, 2018
in Data Protection, Opinions & Analysis
Cybersecurity In Europe Is Improving: Thank You GDPR?
Share on FacebookShare on Twitter

By Jake Olcott, VP of Strategic Partnerships at BitSight

After years of debate over whether to impose new cybersecurity regulations on companies, General Data Protection Regulation (GDPR) laws went into effect in May 2018. Already we’ve seen several data breach victims ordered to pay fines under the new rules and cookie disclosure notices are popping up on more websites than ever.

Everyone is waiting with bated breath for the first report from the Information Commissioner’s Office (ICO), to be issued after the implementation of GDPR, in order to gain an understanding of the magnitude of breach reporting.

The most recent report from the Information Commissioner’s Office (ICO) has revealed a 29% increase in the number of reported data security incidents, from 3146 between April and June 2018, to 4056 from July to September 2018. This demonstrates a 490% increase compared to the same quarter in 2017. This doesn’t necessarily mean that organisations are experiencing more incidents, but it does means that more are now being reported, as organisations try to tread carefully.

This has inevitably been fuelled by GDPR, as well as the significant data breach incidents that recognisable brands have suffered. However, this increase is also likely due to the new data breach notification requirements under GDPR, which require organisations to report incidents within 72 hours of becoming aware of them.

Drilling into the statistics, most data breach incidents are down to people, processes and inadequate policies. These frequently involve internal users making mistakes, including the incorrect disclosure of data; this accounted for 62% of all data incidents between July and September 2018.

In terms of monetary penalties, £875,000 of fines were issued under the UK’s Data Protection Act (DPA), between July and September 2018, down from £1,030,000 between April and June 2018. It should be noted that from GDPR’s enforcement on 25th May to the beginning of October 2018, fines reached £1,425,000, with organisations undoubtedly falling foul of the new regulations as they work towards achieving full compliance.

But let’s think about the bigger picture. Is GDPR working? How would we know?

For years, global policymakers have struggled to develop effective responses to cyber threats, in part because they just don’t have the data to understand what’s happening in cyberspace. Think about it — if you are a policymaker considering how to address unemployment, you can turn to the Office for National Statistics (ONS) – which measures labour market activity, working conditions and the impact of economic activity – in addition to comprehensive census data on personal and socio-demographic and economic issues.

When it comes to cybersecurity, the UK Government’s National Cyber Security Centre (NCSC) has taken the leading role in significantly raising awareness of the evolving cybersecurity risks facing all UK businesses with a digital footprint, as well as the threat to the UK’s Critical National Infrastructure (CNI). This includes a comprehensive bank of guidance on a variety of topics, alongside extensive education and research papers, insights, alerts and advisories, and recommended certified cybersecurity products.

BitSight is taking a different approach to cybersecurity and risk management, enabling it to profile and identify specific threats. Thanks to its extensive data collection and processing techniques and capabilities, BitSight is able to collect, evaluate, and measure cybersecurity performance across global organisations, providing unique and valuable insight into global, regional, and sectoral performance trends across organisations of varying sizes.

When BitSight recently analysed the security performance of more than 140,000 organisations worldwide, the findings were surprising. While its research revealed a steady decrease in security performance across all worldwide regions, organisations within continental Europe actually improved their security performance over the last year. Some of the areas that organisations have improved on include the implementation of stronger controls to reduce Internet exposed services (open ports).

Security performance data may be useful to policymakers as they consider the impact of existing regulations like GDPR, but also future policies and regulations. Policymakers around the world will continue to consider implementing regulations based on GDPR that will protect citizens from poor data security management.

The industry has already seen many calls to adopt similar legislation elsewhere around the world, including Apple’s Tim Cook who, in October 2018 at the Conference of Data Protection and Privacy Commissioners in Belgium, proposed that the U.S enact a policy like GDPR. This summer, California passed the California Consumer Privacy Act that imposes stronger privacy regulations for companies doing business in the state, with this also being discussed across the United States.

How will policymakers judge the necessity or effectiveness of these efforts? In what sectors should they spend their time and focus? On what sized companies? What data will they use? How will they model the impact of introducing such policies?

Global policymakers must begin thinking about the essential elements that will be necessary to build a lasting legal and policy framework to address these significant cyber risks. The ONS was established over 20 years’ ago; as we look ahead to the next two decades, the transformational changes that will occur worldwide as a result of technological and connectivity developments will inevitably present a new wave of cybersecurity challenges, making quantitative cybersecurity more crucial than ever.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Netwrix Acquires Concept Searching To Expand Data Security Offerings.

Next Post

All I Want For Christmas: A CISO’s Wishlist.

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information