Weaponising GDPR

A few months ago, you couldn't turn on the TV or open a browser tab without seeing something relating to GDPR. Now that it's finally here, the press seems to have forgotten all about it.

That is of course, until the first really big law case hits…

In recent months, we have seen numerous attacks against some high-profile targets, for example:

• British Airways
• Superdrug
• T-Mobile
• Telefonica
• TimeHop
• Ticketmaster

Whilst the damage these attacks have caused to those involved is pretty much known about – GDPR states that you have 72 hours to notify all those affected of a breach; what is yet to be disclosed are the financial penalties imposed by the ICO (The Information Commissioners Office) – the body responsible for upholding GDPR in the UK.

Under the GDPR legislation, fines for serious breaches of personal data can stretch to €20 Million or 4% of global turnover.

For these companies hit since 25th May 2018, this could be quite a considerable dent to their profits, and as such their long-term financial stability.

How many attacks will we see where the ultimate motive for the breach will not be anything to do with the data obtained, but to see the company hit with huge financial penalties, or to see the reputation of the company destroyed?

Could GDPR be the perfect weapon for your competitors?

QA have a range of cyber security and GDPR training courses that will enable you to comply with the new legislation, but also prepare your company for the worst.

Visit cyber.qa.com for more information on how we can help solve the Cyber Security skills gap.