2017 was a year of many attention-grabbing headlines, informing us how hackers have managed to steal corporate data. If you still think this isn’t a big deal, CBC news quotes a report by Risk Based Security Inc., which found, “that Canada had the third largest number of data breaches in the first six months of 2017, behind the United States (1,357) and the United Kingdom (104). The 59 incidents across Canada exposed an estimated 2.1 million records.” In response to this statistic, the Canadian government wants to start fining companies that try to hide and not report that they have had a data breach. Currently, each province handles breaches differently, with Alberta being the only province that requires companies to disclose a breach.
It isn’t just the Canadian Government looking to bring about legislation. The UK has just announced plans to fine businesses up to £17m for failing to adequately protect themselves from cyber-attacks. These fines will go into effect in May of this year, and include breaches associated with Ransomware outbreaks. In addition, GDPR goes into effect May 25 of this year in all EU countries. This doesn’t just affect European businesses, however, all organizations that do business in the EU are affected. Fines for not being compliant with GDPR can be as high as €20 million.
Clearly security and compliance are an important part of any business strategy. If it hasn’t been part of your business strategy up to this point, now is the time to start. Remember that compliance is an ongoing process, and not just a list of items to check off as completed. Hiring an MSSP is a great idea for businesses that don’t have the time to manage the process themselves. An MSSP (Managed Security Services Provider), utilizes industry leading technology and mature frameworks to remediate risk, ensure compliance, and secure environments. Uzado helps organizations deliver cost effective, measurable and highly successful security and compliance programs across many industry sectors.
In addition to security and compliance, Breach Readiness and Cyber Insurance are also areas that today’s businesses must also invest in. BRaaS (Breach Readiness as a Service) is a service provided by Uzado that will help your organization mitigate the effects of the breach and reduce the turnaround time. Cyber Insurance is “used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities. Risks of this nature are typically excluded from traditional commercial general liability policies.” Uzado has developed a framework for Cyber Insurance that can be useful to help mitigate risks.
In the end, Security, Compliance, Breach Readiness and Cyber Insurance are all tools that can help your organization minimize the costs associated with a security breach. Don’t be unprepared! Click below for a free copy of our whitepaper.