ICO finally bares its teeth
Written by Joseph Poppy on 08/07/2019
Look at the positives
Whilst it may be difficult for BA to see the positives in this, there are some to be seen from a cyber security perspective. If there’s one thing the higher-ups at companies hate, it’s losing money. The more zeroes on a loss, the more they hate it. It could well be that the ICO has implemented such a large fine to wake businesses up to the severity of the situation. They have a duty to protect their customers’ data and, if they fail in this duty, there’ll be more than just reputational damages to consider.
I can see various suited board members across the country – perhaps even the world – leaning forward and taking note. This note will be ‘get better at cyber security’. It will be in capital letters and underlined twice.
An example has been made and if companies don’t react, they’ll suffer a similar fate. Ripples may already be in motion. Cyber security will rapidly move up the agenda for all businesses, regardless of the size, and customers will benefit from knowing their data is in safe hands.
As Bulletproof co-founder, Oliver-Pinson Roxburgh states “businesses need to get cyber security right, and it’s not necessarily that costly a process, especially when you consider the potential cost of a breach. Regulatory fines are just one aspect, there’s the cost of mitigation, the potential loss of customers and reputational damages to consider.”
There's no going back
GDPR is with us to stay and organisations will have to take their responsibility over customer data seriously. This means having the right tech and management processes in place to ensure security is as tight as it can be. This fine levied at British Airways may well encourage others to get it right before it’s too late. Penetration tests, effective log monitoring, active threat hunting and proper training are all integral to a strong security strategy and will help your organisation avoid these hefty fines.
ISO 27001 and 9001 certified
Tigerscheme qualified testers
PCI DSS v3.2 Level 1
24/7 on-site Security
Get a quote today
If you’re interested in our services, get a free, no obligation quote today by filling out the form below.