Compliance and Regulation in Cybersecurity: Preparing for GDPR

A new regulation for the UK and much of Europe is coming in just a couple short months. The General Data Protection Regulation (GDPR) is meant to ensure business compliance with cybersecurity protections for their customer data. While something like this is not currently in place in Canada, it could be in the near future, and it's best to start thinking about it now to avoid surprises.

What changes does GDPR mean?

Essentially, the most noticeable difference for businesses before GDPR and after will likely be the amount of the fine incurred if a breach occurs. In some places it will go up, while in others it will go down. Regardless, a fine is a good way to motivate staff to comply with the regulation.

What can you do now to be prepared?

Implement staff training in cybersecurity measures, and maintain that training with refreshment courses as needed. There's no reason for ignorance of cybersecurity methods to be an excuse.

Ensure that customer data is not stored in unsecured places, such as in the digital cloud or on smartphones. This makes it easier for potential breaches to occur.

When it comes to cybersecurity, it's better to be safe than sorry. See how your IT system rates with our assessment tool.

Shaun Rowsell