GDPR is a landmark in privacy jurisdiction. Through its 99 articles, it sets a framework for both businesses and individuals on their rights and responsibilities when it comes to protecting privacy. The most important element in my opinion is that privacy functions a fundamental human right and needs to be protected.

Despite GDPR having been enacted over 15 months ago, over half of UK organizations are still not compliant with the General Data Protection Regulation (GDPR). The report released by Egress, GDPR Compliance: where are we now?, polled 250 GDPR decision-makers and found that 52% were not fully compliant with the new regulation. Even worse, 35% of respondents claimed compliance with the EU-wide data protection regulation had actually dropped down on the priority list over the past year.

In July 2019, UK Information Commissioner’s Office (ICO) announced its intention to fine two companies for violating the European Union’s General Data Protection Regulation (GDPR). ICO began by disclosing its intention to penalize British Airways in the amount of £183 million (approximately $224 million) on 8 July.

Cyber security may be about to become more than AOB for organisational boards across the country. British Airways has been struck with a record-breaking £183-million fine as a result of its data breach last year in which around 500,000 customers had their data stolen, including credit card and CVV numbers.

What’s happened? British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen. 183 million quid!? That sounds huge! Yes, it’s the biggest fine ever handed out by the UK’s Information Commissioner’s Office (ICO).

The California Consumer Protection Act (CCPA), set to go into effect in January 2020, will have a big impact on companies that do business in California or collect the personal information of California citizens. Driven by growing public demand for privacy, CCPA is the latest in a line of regulations that gives individuals greater control over how their personal data can be collected, stored, purchased, or shared by private companies. Wondering what CCPA means for your business?

Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored. But when a cyber incident hits your organization, do you know if it needs to be disclosed to the public? How prepared are you to let your customers and authorities know?

According to the Cisco 2018 Asia Pacific Security Capabilities Benchmark Study, 90 percent of Australian companies report that they receive up to 5,000 cyberthreats per day. For cybercriminals, Australia’s superannuation funds, banks, and insurers make for attractive targets. It is essential that these industries can protect and secure their data, including the data of their clients and customers, and respond quickly and robustly if a critical cyber-attack occurs.

Many of you will remember the 25th of May 2018 as the day GDPR became legally enforceable. That week, our emails were bombarded with updates to privacy policies or requests for us to ‘opt-in’ to having our data processed. Funnily enough, many of these were unnecessary and, in some cases, missed the point entirely.

It’s been nearly a year since the European Union’s General Data Protection Regulation (GDPR) became enforceable. In that span of time, news outlets have reported various stories largely concerning the regulation and its penalties scheme.