Over the past 6 months, a number of important questions have come up when Ground Labs is in discussions with clients and customers in all of our GDPR-related sessions. One of the questions asked is: how do companies deal with a SAR? Read our blog post on Subject Access Requests to get a greater insight into how companies are preparing for them. Another very important question is that of cost. What is the actual cost to businesses when preparing for GDPR, and how can they minimise the risk?
You can break this question down into a number of bite-sized portions. The first is the financial cost to the business. A recent study (2017) by IBM into the true cost of a security data breach found the average cost to an organisation that suffered a data breach to be $3.62 million. 419 companies participated in the study. This figure had decreased from the previous year, but the size of the breach had risen by 1.8% from the previous year. To read the full report please click here.
This $3.62 million is a small representation of the overall cost to companies that suffer a data breach. With the new GDPR legislation coming into law next year, the fines alone for companies suffering a data breach have been well documented. GDPR will have a tiered penalty structure attached to it for companies that do not comply and suffer a data breach. The more serious the breach, the higher the penalty: 4% of global revenue or 20 million euro, whichever is higher, could potentially eclipse the $3.6 million stated in the IBM report. There are also other fines to take into consideration when planning your GDPR journey. Failing to comply with Article 28 will also have a fine associated with it. A fine of 2% of global revenue can be issued to a company whose records are not in order, or where the supervising authority and data subjects are not notified of a breach. An oversight in the planning and breach notification part of GDPR could turn out to be very expensive for companies.
There are also other factors that have to be taken into consideration when looking at overall costs and impacts to the business. What impact will a potentially disastrous data breach have on the brand? A breach would be felt right across the business, including its staff. Why? Because the brand has been tarnished. In an age of security-conscious consumers who value their own personal data and want to know it’s being kept safe and secure by the companies they trust to handle it, this could be catastrophic. Consumer and business confidence is key to long-term growth in any industry, so can you put a cost on that? This actual cost may be felt for years, if the business even comes through it.
So how does Ground Labs software help to reduce this risk of a data breach and help towards becoming compliant with GDPR? Our Enterprise Recon has over 200 data types built into the tool straight out of the box. It’s been upgraded to include data types from all 28 EU countries to help you search where in your network your sensitive data is stored. The tool is an on-premise product and forensically searches your entire network looking for structured and unstructured data.
Once you run a scan across your network, it will report all instances of sensitive data found in the Ground Labs product dashboard.
There you will be able to see exactly where across your entire network your sensitive data is being stored. You then have options to decide how you handle that data with multiple remediation functions.
Our GDPR-ready tool is a perfect tool to use no matter where your business is on the GDPR journey. Understanding where your data is and how to remediate it will help to reduce compliance costs and eliminate the root cause of cybersecurity data breaches.
To download a free copy of our white paper on GDPR please click the link:
If you would like further information on how Ground Labs can help with your GDPR initiative, please visit http://content.groundlabs.com/gdpr_assessment to organise a free risk assessment.