Cyber attacks, data security and the GDPR

So, if you haven’t heard about the recent cyber attacks on the NHS then firstly, where have you been and secondly, get reading as it’s really important subject. A total of 48 trusts were hit but now all are thankfully back to normal.

Understandably, NHS bosses and the government are facing questions over why hospitals had been left vulnerable when their systems were infiltrated by a global cyber attack which crippled their services. The chaos it caused was unthinkable, with operations and appointments being cancelled and ambulance services diverted.

Businesses and data security According to Gov.uk, Britain’s businesses are being urged to better protect themselves from Cyber criminals, with two thirds of large businesses experiencing an attack in the last year. There’s a huge amount at stake, as we’ve seen from the past week’s happenings and so IT professionals have their work cut out when it comes to protecting this information; as quickly as technology evolves, so do the tactics of cyber criminals.Cloud technology More and more businesses are adopting Cloud technology as part of their digital transformation strategies to increase their potential capabilities. Many organisations now view the cloud as secure, in fact, more so than on–premise deployment. However, what we have to remember is that cloud security is a joint responsibility.Organisations relying solely on a cloud vendor’s security protocols are potentially exposing themselves to unnecessary risk and cyber attacks. So with this in mind, we mustn’t rest on our laurels; whether you’re a Director or an employee, data security is a hugely important issue which demands careful consideration and forethought.General Data Protection Regulations (GDPR) The European Union’s GDPR comes into effect on 25th May 2018 and so companies must be compliant with the newly published rules to drastically improve their data privacy policies by this date. We mustn’t underestimate the scale of this topic, with reported staffing levels reaching a massive 28,000 data protection officers in Europe alone.GDPR includes people’s IP addresses and online identifiers, as well as forcing companies to gain people’s explicit consent to use their data. The aim is to make it easier to find out what data companies hold on you, how your data is handled and what it’s used for. Data owners (client) vs data processors (us) Previously the onus was on the data owner, however, as of May 2018, it will be a joint responsibility with the data processors (i.e. cloud service/us as an example) so in our market, we are also liable and need to ensure as a business we are compliant. This is a huge subject and one we will continue to talk about in future articles and white papers, so use this as food for thought at this point in time and we’ll be back soon with our next update

See other trending articles

XCD selected as a fast growth SME to join the fifth Great British Scaleup

XCD selected as a fast growth SME to join the fifth Great British Scaleup  TechMarketView have today announced that Bristol-based software company, XCD, are one of the eight fast-growing UK tech SMEs selected to participate in this years’ Great British Scaleup. The fifth Great British Scaleup event, which will be held next week in London, will see top executives from each […]

Why does my business need a cloud-based HR system?

Why does my business need a cloud-based HR system? Growing companies all face the same dilemma, and that dilemma has to do with how you manage your growing company. The amount of information that you need to process will only grow, and without the right systems in place, data can get lost, insights could be […]