The intersection between cybersecurity and data privacy is making front-page news these days. The General Data Protection Regulation (GDPR), adopted by the European Union in 2016 and implemented in May 2018, represents a comprehensive regulatory effort with the objective of protecting consumer data and privacy. Organizations, or “controllers” of data in the language of the law, must put in place “appropriate technical and organisational measures” to implement the data protection principles. There have been other legislative efforts in recent years dedicated to consumer data protection, the Dodd–Frank Wall Street Reform and Consumer Protection Act in the U.S. being one of them (though some of those regulations have since been removed or eased), but GDPR has been the most extensive.
My phone’s been ringing this morning from people wanting to talk about the massive Marriott breach — the revelation that private data associated with up to 500 million people may have been compromised. I’m sure there’s a lot more to learn from the details, but in the meantime, I’ll take a quick minute to jot down some initial thoughts:
When yet another headline about a large-scale data breach scrolls across your newsfeed, you might worry about the security of your company and hope it doesn’t happen to you. But after the initial shock of a breach, most people stop thinking about it.
Cyber security was pretty simple back in the 1990s. Anti-virus software and firewalls offered plenty of firepower to combat attacks that were more annoying than dangerous.
But that world is gone.
You don’t need a long report to tell you that cyber crime is on the rise. You’ve seen the news—major companies like JP Morgan Chase, Anthem, LastPass, CVS and more have all fallen victim to data breaches in 2015.
The truth is that any company harboring sensitive customer information could become the target of a sophisticated cyber attacker.
That being said, there are certainly industries that are more vulnerable to attacks. Let’s take a closer look at four of the most vulnerable industries—financial services, healthcare, insurance and retail.