General Data Protection Regulation, or GDPR, came into effect just 12 months ago. While at the time this received a flurry of media attention it was relatively short lived and for many, the issue fell off the radar. However, a quick search on cyber security attacks over the last 24 months dictates that data protection should firmly be in our sights.
According to Symantec, leading data security provider, there was a 600% increase in attacks against Internet-of-Things devices from 2016 to 2017. New variants for mobile phones increased 54% to over 27,000, an average of 24,000 malicious mobile apps were blocked each day, the percentage of email spam rates increased to 55% and more than 1 billion web requests were analysed each day.
Fast forward one year later to 2018, and we’re presented with these statistics: a further 56% increase in web attacks with one in ten URLs found to be malicious, 3.7 million form-jacking attempts thwarted, malicious attacks via email and email attachments increased to 48% (a 5% uplift from 2017) and the list goes on.
These breaches are no respecter of business size. The difference of impact is dependent on the cyber security strategy each business has to manage their data.
In today’s tech driven world, huge amounts of digital information are created every day on all digital platforms and often data is collected and stored without your knowledge or specific consent. It was this that prompted the European Union to develop a privacy law to ensure customers’ privacy is protected and businesses are held accountable in the case of any cyber security breach.
In the initial flurry of activity to become compliant, it was unclear how New Zealand businesses would be impacted. GDP regulations dictate that individuals must consent to collection of their data in an explicit, unambiguous way and be told ahead of time what data is to be collected and how it will be used. Beyond compliance requirements, few have asked the broader question: how can this regulation benefit my business?
Strengthened business reputation
Data hacks and breaches on large, well respected organisations and companies both locally and globally have highlighted the fact that no database is immune to cyber security breaches. GDPR compliance will indicate to customers and clients that your company is conscientious and diligent when it comes to cyber security and boost your credibility as a secure platform for conducting business online.
One of the most advantageous aspects of GDPR compliance is the cleansing of data. Identifying incomplete and inaccurate data and then updating these records, followed by regular audit checks will ensure a reliable and accurate database. Having a well maintained, or ‘clean’ database will lead to minimising the risk of fraud, increasing the quality information resulting in more precise analytics and improvement in response rates on email and postal campaigns.
Establish a new organisational culture
GDPR compliance is an encouraging first step in introducing data protection values to your business culture. By raising awareness and education on the importance and impact of data protection, businesses can proactively manage compliance and reduce risk. by raising awareness and educating people through that process. Sharing and discussing news, stories and relevant data protection rules can help your team associate the need for privacy policies and procedures with their own roles. Responsibility for compliance, education and engagement on data protection sits at board level, however privacy and social responsibility is everyone’s job.
GDPR: obligation or opportunity?
Building and maintaining trust between a business and their customers, becomes one of the biggest differentiators in a data driven world. Customers and contacts are more likely to trust businesses who value and actively protect privacy and this should be seen as opportunity for businesses to differentiate from their competitors. Data protection is a cost. Privacy and protection of data is a benefit.
Going beyond compliance and actively engaging in data security, may give your organisation the competitive edge needed to thrive in a digitally driven world.