After European Union’s General Data Protection Regulation (GDPR) is applied in 2018, British business establishments not adhering to cybersecurity practices will risk the fine of either £18 million or 4% of their annual global turnover.
The PCI Security Standards Council came with this step after around 90% of large organizations and 74% of small and medium-sized enterprises suffered security breach last year, costing them up to £1.4 billion in regulatory fines. National statistics office suggests that there were 2.46 million cyber incidents in 2015.
The PCI SSC has warned that if the level of cyber security incidents against organizations does not improve after the GDPR is implemented, then the fine can be raised by as much as £122bn. Current maximum for fines is set at £500,000.
Consumer identity and access management (CIAM) projects are being driven by business demand and new European data protection rules.
As businesses are taking digital form, the establishments are realizing they need to connect with the customers more than employee-partner relationship which includes protecting the customer’s identity.
Identity management helps companies deliver more personal, convenient and trusted mobile experiences to customers, employee and partners, while enabling secure access to apps and data in the cloud.
The new EU legislation will act as a transformation for both large organizations and SMEs and it will be interesting to see how the businesses will be able to shoulder the costs.
It’s high time, small and large companies start acting and put robust standards and procedures to counter cyber security threat.