Ahead of the 3rd anniversary of GDPR today (25/05/21), two cyber security experts comment on where we are.
David Sygula, Senior Cybersecurity Analyst at CybelAngel:
“What initially seemed to be a real labyrinth, straight out of Brussels bureaucracy, had a major impact on people’s life and privacy.
Europe positioned itself as a true pioneer to protect individuals, now followed by many states and countries around the world, take California and New York as an example. Three years after, there’s still improvement to be made to the overall framework, but it’s now down to the countries to strengthen enforcement of the regulations.
From a business standpoint, it was a stress test (possibly the same magnitude as what the banks had to go through during the financial crisis). But when that stress test is passed, they become bullet proof for global markets, and for the US specifically where massive class actions lead to reputation harm and humongous financial losses. Sometimes even greater than the 4% turnover fines that are part of GDPR sanctions.
Protecting data of both individuals and corporations is paramount, making sure they stay safe, before sensitive information falls into the wrong hands and impact our daily lives. We must not forget, cybersecurity has significant real world consequences”.
Joseph Carson, Chief Security Scientist at ThycoticCentrify:
“GDPR has put citizens more in control of the data collected and processed on them. However, it has also directly benefitted cybercriminals who have adapted new techniques in recent years specifically improving Ransomware, an already powerful digital weapon, by including data theft and exfiltration that specifically forces organisations into a GDPR focus.
We have seen a huge increase in Ransomware attacks and Nation-State espionage into supply chains causing ripple effects throughout the industry. It has allowed cybercriminals to take advantage of GDPR and in turn, making hundreds of millions in ransom payments.In the past year, however, EU GDPR has slowed most likely as a direct result of the global pandemic, and some organisations who face significant industry challenges under the pandemic had their financial penalties significantly reduced”.
