Last year was another record year for data breaches, as well as the significant volume of data privacy records that have been affected.
Regulators have had enough and are cracking down. On May 25, 2018, General Data Protection Regulation (GDPR) officially went into effect. It was the most important change in data privacy regulation in more 20 years.
The regulation will continue to reshape the way data is handled across every industry sector. Organizations that violate GDPR face fines of up to 4 percent of their annual global revenue or $22.7 million, whichever is greater, as well as other potential sanctions, including losing their ability to process personal data. This has serious and long-lasting impact to business operations, financial health and brand reputation.
“Once more unto the breach, dear friends, once more …”
– William Shakespeare
Today is Data Privacy Day (one could argue that every day should be Data Privacy Day). As the security product manager at Acquia, I thought I’d share our strategy to keep customers’ data safe.
Acquia’s stance is to prepare ahead of time. It is not a question of if there will be an attack on your critical infrastructure but when.
Industry trends are showing that attacks are growing exponentially, and it’s quite possible that very soon corporations will be in a continuous state of responding to an active breach within their environment.
Taking on a proactive and offensive stance is the best course of action. The most critical component of GDPR is identifying a breach as early as possible, assessing the impact and communicating it effectively.
Cyberattacks typically follow the same process from early reconnaissance to the goal of data exfiltration.