Cyber Security & GDPR
How PCS Can Assist You
By: Reuben Leach, Commerical Manager
Since I started working in IT early in the year 2000 there have always been industry trends or some sort of topic on everyone’s lips.
2017 has, without doubt, been the year of Cyber Security. Especially with the Wannacry attack in May.
I like making the odd prediction and I think 2018 will be the year of GDPR (the General Data Protection Regulation) which will apply to all UK Businesses from May 2018.
I speak to customers regularly about both GDPR and Cyber Security because they do intertwine with each other in so many ways. I’ve done so this afternoon, speaking to a customer with several thousand staff on their payroll and found myself trying to work out how they operate when they gather information and store it, how their users process that data and how it’s held internally and what their risks might be.
GDPR includes lots of Cyber Security requirements, including encryption, safeguarding systems against malicious code and making adequate backups of your company data.
Being that I find stuff around Cyber Security and GDPR quite interesting (I need to get out more) I noticed, a few months back, a news story about how, in one area of the UK, more instances of Cyber Attack were being reported to the police than other crimes (BBC News). In this, it’s mentioned how one company nearly went out of business because they were hit with a Ransomware attack and were not making regular backups of their data. The backing up and protection of company data is one of many areas where PCS excel.
In 2016 a nursing home was fined £15000 after a single laptop was stolen holding unencrypted data relating to some of its residents (BBC News). For a small percentage of what that breach cost them (and I’m talking less than ½% here) PCS could have installed and supported an encryption service on that device. This would have allowed the organisation in question to adequately demonstrate that the data was secure and was not compromised.
It’s a fact that many cyber security issues and their consequences are avoidable simply by adopting suitable services. Services which PCS Business Systems can implement and manage on behalf of your company.
For those of you reading this who don’t know a lot about PCS, we are an ISO27001:2013 certified organisation and have experts on hand who can advise on cyber security and GDPR related offerings. We can go as far as to assist your business in obtaining an industry recognised certification which demonstrates that good cyber security practices are being adopted. So much so that where GDPR is concerned it’s considered good evidence that steps are being followed in protecting your business and its data from internet based cyber attacks.