Cécile Martin is a Partner of the Paris office of Ogletree Deakins. She has a dual competence in labor law and data privacy law which enables her to stay on the cusp of unfolding developments, and at the forefront of French and international clients needs. Let's find out what she has to say on the subject of GDPR.
The media bubble surrounding the introduction of the GDPR in May 2018 included much hype and speculation about how the new data protection legislation would impact various industries. Few stopped to take stock of the fact that the ‘getting ready for GDPR’ seemed to be creating a micro-industry in and of itself. On the other hand, some said it was just that, a hyped-up bubble that would, like Y2K, simply disappear, once the deadline had passed.
Providing Cybersecurity Awareness Training for your staff is an absolute must for organizations of all sizes. People will always be the weakest link in your cybersecurity defense. Indeed, end users are the longtime favorite target of cyber criminals. Verizon's 2017 Data Breach Digest reported that 90% of the data-loss incidents reviewed that year involved phishing or the social engineering of end-users. Unsurprising then, that a July 2018 Cybersecurity Insiders report concluded that more than 90% of the participating organizations felt vulnerable to insider malice or inadvertent errors by end user employees.
How do you ensure GDPR compliance for telephone interviews conducted for the purpose of market research? If you’re a market research company, or indeed conducting market research directly, you’ll be keen to ensure that data processing is in line with the EU’s General Data Protection Regulation.
Your GDPR compliance is in the hands of your employees. You can invest time and money into updating your data protection policy and strengthening your information security processes. But if your staff don’t know about GDPR, and what their role in your organization’s GDPR compliance is, you’re leaving yourself wide open to the possibility of a data breach - and with that, massive GDPR fines.
Providing GDPR awareness training is therefore crucial to your on-going GDPR compliance management. Check out this short information video by VigiTrust as an example of GDPR eLearning.
GDPR is not all about consent. It looks like a lot of organisations are only concentrating on consent or are seeking consent on a “just in case” basis. If this is how your company is approaching GDPR compliance, then be warned that this may well create problems for you at a later stage.
Staff training is a requirement of GDPR compliance. Rightly so, because human error is the leading cause of data breaches. Rather than just viewing training as a checkbox to tick for GDPR compliance it ought to be at the forefront of your organization’s data protection plans. Make human resources the metal strength of your GDPR compliance policy and not the weakest link in the chain.
So, who in your organization needs GDPR awareness training?
What has Blockchain got to do with Cyber Security? Find out in this short instructional video by VigiTrust eLearning.
A business fell victim to a ransomware attack every 40 seconds in 2017, with global ransomware damage costs for that year amounting to more than $5 billion. Despite the continuous improvements in information security software, these figures are likely to increase in 2019 and beyond.
Topics: Cyber Insurance