The EU has planned to publish some regulations and directives this August 2016. Once they are published, every EU member state will have about two years and three months to get them implemented and be compliant with them. Who will be impacted? Not just the army and the defence departments, but also all the critical sectors, the essential services, the digital service providers. So, if you are an ISP (Internet Service Provider), suddenly in two years' time you will have to be compliant with this new directive. It means you will need to guarantee your availability at all times; it means also that you need to guarantee the integrity, the correctness of your systems, that they work correctly, that they function correctly, that they transmit the data correctly; and it also means that you need to protect whatever data and information is flowing through your systems.
What is privacy?
Again, a new regulation that will come into place as of June 2018, and it's quite simple: "Don't apply good practices, do not manage the personal identifiable information in your company,
PII (Personal Identifiable Information) abbreviated, do not manage those, get them lost somewhere, and you will get a company-killer fine." If it's a minor infraction, it can go up to ten million euros or two percent of your global revenue. So, just imagine Coca-Cola: two percent of its global revenue, that's a bit more than 10 million, I think. That's if it's a minor infraction. If it's a major breach or a major infraction, then it's twenty million euros or four percent of your global revenue. And the very nice part of it is you can say, "well, twenty million, I can pay it, I can afford it, it's a lot of money but I am a big company". Yes, but you have that four percent, and the judge is obliged to choose, according to the law or the regulation, whichever is the highest. So, if it's two hundred million instead of twenty million, then with your four percent you have a fine of two hundred million euros. That's what I call a company killer. And if it happens once, you might survive; if it happens twice, you might still be a bit alive. And if it happens three times, I think you can shut down the company and go look for another job, or look for an island where nobody knows you.
What is breach notification duty?
Another issue that we need to tackle is Breach Notification Duty. If a breach happens, if someone loses an Excel file, a USB key, a portable, your web server gets hacked, or a list on paper of ten thousand names gets lost somewhere, or you forget your CD-ROM with all the health information of several thousands of employees on the train somewhere in some country, well, then you have a breach. You need to do due notification according to GDPR rules; you need to have your crisis management, your incident management, your communication, and all that needs to be in place and ready to communicate swiftly, because you only have 72 hours to react, and then you have to manage your reputation impact.