Research shows, with just 100 days before GDPR, businesses need to act now
EfficientIP a leading provider of network services, issued a clear warning to businesses today as they prepare for the EU’s General Data Protection Regulation (GDPR). 2017 industry studies revealed it typically takes 99 days to detect a data breach, giving ample time for hackers to ‘exfiltrate’ data, or remove it without detection. This makes February 15th, exactly 100 days before May 25th 2018, the last day organisations can ensure their real-world business are GDPR compliance.
The General Data Protection Regulation becomes law on May 25th. On that date companies will be held fully accountable for protecting their customers’ data. This means investing in a cyber security service to help protect all the sensitive and confidential information that they are storing online to prevent it from leaking and being used by hackers. Failing to comply with GDPR may result in businesses incurring heavy fines. Cybersecurity experts have named the important deadline of February 15th “X-Day”, short for exfiltration day, as it is the last day companies can prevent data exfiltration attacks without potential prosecution by regulators and catastrophic repercussions for their business. Cybersecurity in this day and age is highly important in all businesses, that is why the proper regulations must be adhered to. Looking into the NICE framework by NIST can help companies set their parameters and see what they need to do to ensure cybersecurity is water-tight.
Data Exfiltration the new danger
Data exfiltration is defined as the unauthorized copying, transfer or retrieval of data from a computer or server. This means hackers could steal valuable customer or company information, from credit card numbers to financial records. Using the DNS protocol, they could transfer the data equivalent of the entire Harry Potter box set in under an hour. EfficientIP research showed nearly a quarter of companies, or 24%, suffered data exfiltration in the past year.
Most companies breached after February 15th, 2018 will only discover the attack after GDPR is in force, and will only have 72 hours to publicly disclose the breach. Companies could be put in a situation that would result in irreparable and lasting brand damage, loss of customer trust, and loss of competitive advantage to name a few, if they are unprepared.
Online privacy and security are some of the key aspects that should be focused on by businesses that have a website. Understanding basics like why it is important to use a server when hosting your website, improving cybersecurity features, etc., could prove beneficial to the company. Business owners who are interested to know how a server could benefit them could research more about Seedbox hosting and know better about its advantages.
Building customer confidence
New 2018 global research by EfficientIP reveals companies are well aware of the benefits and opportunities GDPR could bring to proactive companies. As businesses become more transparent about how they handle their customers’ private data, it could enhance customer trust and confidence. Most companies are also very confident that being GDPR compliant will improve their security level. More than anything, GDPR is an opportunity to improve their data governance and the way they use the wealth that is their customers’ data. Well-prepared companies have all to gain from the transformation pushed forward by this regulation. However, the clock is ticking…