It’s time to prepare yourself against data breaches
Would you rate data breach prevention as a top security priority?
Most companies do. According to a large global study we conducted towards the end of 2018, the vast majority of IT directors and CISOs cite breach prevention as a key cyber security initiative for their businesses in the coming years. Closely following it – as expected – is compliance with legal frameworks like the European General Data Protection Regulation (GDPR).
Of course, these two issues come hand in hand. And now we’re starting to see how the aftermath of a breach scenario might play out in a post-GDPR world.
In July 2019, UK’s Information Commissioner’s office (ICO) announced that it will fine British Airways £183.39 million ($229.45 million) for violations of the GDPR. The fine results from a breach conducted by hacker group Magecart, which compromised the personal data of over 500,000 customers in 2018.
Immediately following this announcement, the ICO also published their intention to fine Marriott International £99 million ($125 million) for a breach that exposed the personal data of roughly 339 million customers. The attack first began in 2014 against Starwood Hotels & Resorts (a company that Marriott acquired in 2016), and continued on for four years before it was finally detected.