What GDPR will mean for cyber security states EfficientIP

What will GDPR mean for cyber security: could it be the answer to unreported cyber-crime?

…And can DNS security help?

Herve Dhelin, EfficientIP

What will GDPR mean for cyber security states EfficientIPIt’s estimated that two thirds of organisations have suffered a data breach in the last year but it’s safe to presume that the actual number of cyber attacks is much higher.

There are still many businesses who simply aren’t aware of incidents, or that don’t have the technology or processes to identify or respond to a breach. For example, our Global DNS Threat Survey shows that only 27 per cent of UK organisations are aware of the different types of vulnerabilities – such as DNS Tunneling, where the DNS protocol is used to steal data.

However, no one can afford to ignore the upcoming GDPR (General Data Protection Regulation), which will further strengthen the protection of EU citizens’ data. It’s coming into force on 25 May 2018, meaning organisations have less than two years to comply.

Companies will be expected to apply new measures including data protection impact assessments, high security standards or implementation of proper privacy policies. And named individuals will need to assume the official role of ‘Data Controller’ and keep records of all data processing activities.

GDPR will also impose a general data breach notification rule, and organisations will have just 72 hours to inform appointed authorities about what’s happened and how much data has been accessed. In worst case scenarios, businesses will also be required to inform the public of the data breach. Tough sanctions and significant fines for data loss are expected – up to €20 million or four per cent of annual turnover.

In order to comply, all companies will have to ensure that their departments work together on gathering, handling, processing and storing data – as well as using new tools and technologies and providing security training. Organisations wanting to be prepared for GDPR should ask themselves if they have a compliant plan to protect their networks, data, customers… and reputation.

While this could mean a lot of work for businesses, it’s good news for the security landscape. Cyber security – especially the protection of sensitive data – will play an even more critical role and must be included from the bottom-up, including the DNS layer in particular.

For instance, engineers involved in EU technology projects will have to act according to a ‘Privacy by Design’ approach – of which DNS security is a core tenet. They will have to ensure data privacy is maintained at the highest standards, and data protection settings will need to be inserted into all business processes at a high level by default.

Another example of where DNS security will be key is mobile working. When employees take home their work laptops and mobiles and connect to personal Wi-Fi networks, these devices can become infected with malware – which back at the office, can begin to exfiltrate data via the DNS protocol. However, a DNS security solution that monitors from a 360° perspective from the inside – with a purpose-built layer of in-depth-defense – can protect public and private DNS from both internal and externals threats, regardless of attack type.

While DNS filtration systems can check the reputation of links against a real-time blacklist and automatically verify whether a DNS request originated from a trusted site. But it’s difficult to maintain an accurate list. Other techniques need to be used to analyse and understand the traffic, and be sure the right counter measure is found.
Now is the time to start building a GDPR-compliant infrastructure, which is secure by design and provides sufficient security at the DNS level. Not only will this save companies money and avoid GDPR proceedings, it will – most importantly – install confidence and help protect customers, partners and employees.

[su_button url=”https://www.securitynewsdesk.com/newspaper/” target=”blank” style=”flat” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more stories like this click here for the SecurityNewsDesk Newspaper[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Defensive AI safeguards against cyber threats

Defense Initiative to enhance global cybersecurity underscores the importance of defending against increasingly sophisticated and pervasive cyber threats…

Bridewell in Microsoft Security Copilot Partner Private Preview

Bridewell today announced its participation in the Microsoft Security Copilot Partner Private Preview. Bridewell was selected based…

Evanssion and ThreatQuotient Join Forces

A renowned cybersecurity and cloud-native security VAD in the Middle East, Evanssion, has just announced a strategic

Most cyber attacks in Middle East involve spyware

Positive Technologies has analysed the attacks carried out on individuals in Middle Eastern countries between 2022…
Neustar

New DNS detection from Neustar

Neustar Security Services, a provider of cloud-based security services that enable global businesses to thrive online, is introducing UltraDDR…
Acronis

Acronis seals partnership with Fulham FC

Acronis, a global cyber protection company, has announced a three-year partnership with London´s oldest professional football club, Fulham FC…
Acronis

Acronis Cyber Foundation celebrates five years

Acronis is proud to celebrate the fifth anniversary of the Acronis Cyber Foundation Programme, a set of philanthropic initiatives designed to engage…
NAKIVO

NAKIVO releases v10.8 with vSphere 8 Support, MSP Console and Hybrid Cloud Backup

NAKIVO Backup & Replication v10.8 marks another major milestone in NAKIVO’s drive toward more reliable data protection for today’s business…
Scroll to Top