If your organisation didn’t suffer a data breach last year, consider yourself one of the lucky few. The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months.
This represents a 16-percentage-point increase over the past year, demonstrating how quickly the threat of data breaches is escalating. And it’s not because organisations are getting worse at protecting their information; it’s because cyber criminals are becoming more proficient.
Consider that the 2019 SonicWall Cyber Threat Report identified a record-high 10.52 billion malware attacks in the past year. With this many threats, it’s no surprise that organisations are being breached at an unprecedented rate.
A case of when, not if
Once organisations understand the scale of the threat facing them, they’ll realise the importance of cyber security. Many senior personnel assume that data breaches aren’t something they’ll ever have to worry about, but these stats show that, for most organisations, a cyber security incident is a case of ‘when’, not ‘if’.
The GDPR (General Data Protection Regulation), which was introduced last year, emphasises the importance of effective security and provide guidance on how to mitigate the risk.
Frustratingly, much of the discussion surrounding the GDPR has focused on its enforcement. Some have already considered the Regulation as a failure because few organisations have been penalised under the rules.
But while they focus on the negatives, Cisco’s 2019 Data Privacy Benchmark Study has looked at the ways the GDPR has been a success. It found that organisations that have met the Regulation’s requirements have suffered fewer cyber security incidents, and when breaches have occurred, fewer records were affected and system downtime was shorter.
So, compliance has its benefits, even if regulatory action for non-compliance hasn’t been as widespread as some would like.
Additionally, although non-compliant organisations aren’t necessarily receiving regulatory fines, they are suffering financial and reputational losses as a result of their complacency.
This gives organisations that are GDPR-compliant a competitive advantage, as they’ll have fewer losses and be able to scoop up customers who are dissatisfied with the way rival organisations handle personal data.
Get your GDPR compliance journey on track
GDPR compliance certainly isn’t easy, but you can simplify the process with IT Governance’s GDPR Documentation Toolkit.
Designed by data protection experts, this toolkit contains a complete set of template documents you need to comply with the GDPR.