Cybersecurity in Europe is Improving: Thank You GDPR?

By Jake Olcott, VP of Strategic Partnerships at BitSight

After years of debate over whether to impose new cybersecurity regulations on companies, General Data Protection Regulation (GDPR) laws went into effect in May 2018. Already we’ve seen several data breach victims ordered to pay fines under the new rules and cookie disclosure notices are popping up on more websites than ever.

Everyone is waiting with bated breath for the first report from the Information Commissioner’s Office (ICO), to be issued after the implementation of GDPR, in order to gain an understanding of the magnitude of breach reporting.

The most recent report from the Information Commissioner’s Office (ICO) has revealed a 29% increase in the number of reported data security incidents, from 3146 between April and June 2018, to 4056 from July to September 2018. This demonstrates a 490% increase compared to the same quarter in 2017. This doesn’t necessarily mean that organisations are experiencing more incidents, but it does mean that more are now being reported, as organisations try to tread carefully.

This has inevitably been fuelled by GDPR, as well as the significant data breach incidents that recognisable brands have suffered. However, this increase is also likely due to the new data breach notification requirements under GDPR, which require organisations to report incidents within 72 hours of becoming aware of them.

Drilling into the statistics, most data breach incidents are down to people, processes and inadequate policies. These frequently involve internal users making mistakes, including the incorrect disclosure of data; this accounted for 62% of all data incidents between July and September 2018.

In terms of monetary penalties, £875,000 of fines were issued under the UK’s Data Protection Act (DPA), between July and September 2018, down from £1,030,000 between April and June 2018. It should be noted that from GDPR’s enforcement on 25th May to the beginning of October 2018, fines reached £1,425,000, with organisations undoubtedly falling foul of the new regulations as they work towards achieving full compliance.

But let’s think about the bigger picture. Is GDPR working? How would we know?

For years, global policymakers have struggled to develop effective responses to cyber threats, in part because they just don’t have the data to understand what’s actually happening in cyberspace. Think about it — if you are a policymaker considering how to address unemployment, you can turn to the Office for National Statistics (ONS) – which measures labour market activity, working conditions and the impact of economic activity – in addition to comprehensive census data on personal and socio-demographic, and economic issues.

When it comes to cybersecurity, the UK Government’s National Cyber Security Centre (NCSC) has taken the leading role in significantly raising awareness of the evolving cybersecurity risks facing all UK businesses with a digital footprint, as well as the threat to the UK’s Critical National Infrastructure (CNI). This includes a comprehensive bank of guidance on a variety of topics, alongside extensive education and research papers, insights, alerts and advisories, and recommended certified cybersecurity products.

BitSight is taking a different approach to cybersecurity and risk management, enabling it to profile and identify specific threats. Thanks to its extensive data collection and processing techniques and capabilities, BitSight is able to collect, evaluate, and measure cybersecurity performance across global organisations, providing unique and valuable insight into global, regional, and sectoral performance trends across organisations of varying sizes.

When BitSight recently analysed the security performance of more than 140,000 organisations worldwide, the findings were surprising. While its research revealed a steady decrease in security performance across all worldwide regions, organisations within continental Europe actually improved their security performance over the last year. Some of the areas that organisations have improved on include the implementation of stronger controls to reduce Internet exposed services (open ports).

Security performance data may be useful to policymakers as they consider the impact of existing regulations like GDPR, but also future policies and regulations. Policymakers around the world will continue to consider implementing regulations based on GDPR that will protect citizens from poor data security management.

The industry has already seen many calls to adopt similar legislation elsewhere around the world, including Apple’s Tim Cook who, in October 2018 at the Conference of Data Protection and Privacy Commissioners in Belgium, proposed that the U.S. enact a policy similar to GDPR. This summer, California passed the California Consumer Privacy Act that imposes stronger privacy regulations for companies doing business in the state, with this also being discussed across the United States.

How will policymakers judge the necessity or effectiveness of these efforts? In what sectors should they spend their time and focus? On what sized companies? What data will they use? How will they model the impact of introducing such policies?

Global policymakers must begin thinking about the essential elements that will be necessary to build a lasting legal and policy framework to address these significant cyber risks. The ONS was established over 20 years ago; as we look ahead to the next two decades, the transformational changes that will occur worldwide as a result of technological and connectivity developments will inevitably present a new wave of cybersecurity challenges, making quantitative cybersecurity more crucial than ever.
