A relatively new set of guidelines enacted in the European Union requires many global organizations to reconsider their security practices and update their protective measures.
A quick review of 2017 suggests that it was the worst year on record for cybersecurity – phrases like “data breach“, “phishing”, and “hackers” were uttered in the news so often that we numbed to the shock factor. Checking our credit reports and changing our passwords yet again for banking, credit cards, email, and everything else that impacts daily life is now nearly a quarterly requirement.
What makes cybersecurity such a complex concept is that it’s something we can’t see and that most consumers can’t even fully understand. These are the very elements that put consumers at the greatest risk because fighting an enemy when we don’t know its weaknesses seems challenging, but when the enemy knows ours, it’s terrifying. Cybercriminals are always working to stay one step ahead of the latest steps that consumers take to protect themselves.
What can we expect in 2018? It’s safe to assume that things may get worse before they get better. In many ways, organizations are still playing catch-up when it comes to cybersecurity. Hackers continue to outthink the latest developments in cybersecurity – and how? Because we make it too easy.
Yes, we make it easy – a breakdown in the corporate communication chain, not enough allocations in the budget, and inefficiencies in our security personnel or protocol are just a few of the factors that contribute to why we can’t keep up with hackers.
Is tech about to become all doom and gloom? Not a chance – and those fighting back are doing so with a vengeance. It’s true that governing bodies can’t pass legislation fast enough to keep up with hackers, but it’s also true that we can’t expect hackers to fear the law or those who enforce it.
Have you heard of the General Data Protection Regulation (GDPR)? If your organization has ever done business in Europe, you’ve either heard of it, or you will very soon. In early 2016, the European Parliament began mandating that companies who operate in, do business with, or ultimately collect data on citizens in EU countries will be subject to strict rules enacted to protect these consumers.
Now, you may read this and say to yourself, “I don’t do business in Europe or with citizens of EU countries, so this doesn’t apply to me”. Wrong!
While technically these rules may not apply to you, it’s likely that these rules and guidelines will swiftly spread and become the basis for consumer data protection and cybersecurity in general. Initially, regulators are not likely to audit organizations for compliance to GDPR regulations, and leniency is expected in the event of a data breach if the company can detail cybersecurity measures following these rules that were taken to protect consumer data. As with every data breach you’ve read about in the last several months, this will initially be a reactive measure, but it’s still indicative of new cybersecurity standards.
With the May 25 deadline looming, the question is if IT staff at affected organizations have spent the last 18 months properly preparing. That being said, there are several impacts we can predict for 2018:
Consider the last time you received an email from a friend or colleague that seemed like their email address was compromised. It was likely a message promoting hair growth vitamins, or from someone claiming to be from Google who recommended you reset your password immediately – but neither the web link nor the “from” email address had anything to do with Google. These seemed like obvious threats that are easy enough to ignore.
What happens if a hacker gains access to the webcam on your laptop and read your personal data through the reflection in your eyeglasses? This seemed far-fetched a decade ago, but today? It’s a genuine concern. Imagine that type of scenario but a hundredfold in complexity, and with access to global consumer data – what do you need to do to be ready?
Knowledge is power: arm yourself with an arsenal of information and be transparent in all professional relationships. We’ll face 2018 together, and emerge stronger in 2019 – together.