How GDPR mega-fines could be a cybersecurity game changer
It has taken just over a year for the GDPR to bare its teeth, but this week showed just what companies are facing if they breach the regulation, as British Airways and the Marriott hotel chain each face mammoth fines.
The first to feel the force of the GDPR was British Airways, which faces a £183m penalty from the Information Commissioner’s Office (ICO) for the data breach it suffered last year which saw the personal details and addresses of 500,000 users leaked.
The next day the ICO whacked the Marriott group with a £99.2m fine for its own data breach which saw hackers steal the records of 339 million guests.
Those penalties dwarf the £44m fine that the French regulatory authority CNIL lobbed at Google earlier this year; Google was the first big name to fall foul of GDPR.
The intended fines on British Airways and Marriott aren’t even the maximum four per cent of turnover they could be facing.
As both companies reel from their bad news, will the channel see an uptick in spending on cybersecurity as other large organisations seek to avoid similar penalties?
Stephen Love, chief security consultant at Computacenter, believes there will “definitely” be increased spending on cybersecurity by large firms, based on customer comments he has heard this week.
“It’s a wake-up call for companies,” he said.
Source: Channel Web