Data is now big business, and the price for organisations that fail to protect it from criminals has never been higher, as our new infographic shows.
2018 has seen the biggest ever fines issued by the ICO (Information Commissioner’s Office) for information security breaches. We’ve rounded up some of the biggest fines dished out to companies and charities in the infographic below - not including some of the year’s biggest breaches of data that are still under investigation, such as the nearly 50 million user accounts that were compromised at Facebook, or the 500 million hotel guests impacted in the recent Marriott hack.
These breaches paint an alarming enough picture - but all of the fines so far have been for incidents that occurred and were investigated before GDPR (General Data Protection Regulation) took effect in May.
Under GDPR, organisations that fail to protect the personal data they handle will now face a potentially crippling fine that could push them into insolvency. "The fines are going to increase because it’s clear that there are plenty of organisations still not taking data protection seriously," says Philip Anthony, Founder and Managing Director of charity cyber security specialists CoopSys. "If an organisation didn’t bother to lock up its building each evening and was burgled there wouldn’t be much sympathy and the staff responsible would have to leave - and the same needs to apply to unprotected IT systems."
"We’ve reached a point where cyber assets such as data are as important as physical assets. And if you don’t take proper care of cyber assets or someone steals them or damages them, in the eyes of the law it’s now as serious as a physical loss." As the infographic shows, anyone handling personal data without a cyber security strategy in place at this point is playing with fire.