The new General Data Protection Regulations (GDPR) which came into effect in 2018 meant some big changes in the way businesses collect and handle personal data. The idea behind the new legislation is to give individuals better access and control over their own personal data. While this is great news for individuals, it requires a little extra work from businesses who must now provide legal grounds for collecting data and must only use it for the intended purpose. What’s more, they need to follow these regulations to the letter and remain GDPR compliant at all times.
This applies to companies of all sizes – even your small business. If you collect personal data in any form, such as emails, addresses, names or financial details, your business needs to be GDPR compliant. If it’s found that you’re not effectively managing and protecting your data you could face a big fine. Though regulators may be a bit more lenient with smaller businesses depending on how much data you hold, an unwanted fine is always bad news. That’s why we’ve put together this checklist to help ensure your small business is GDPR compliant. In this guide we’ll look at:
- Understanding your data and responsibilities
- Defining your data consent policy
- Access requests and disposing of old data
- Setting up a data storage and security policy
- Training all staff on GDPR
- Creating data processing notices
By 2021, cybercrimes will cost companies USD 6 trillion, according to a study.
The number of internet users has grown from an estimated 2 billion in 2015 to 4.4 billion in 2019, but so has cybercrime, which is expected to cost companies USD 6 trillion worldwide, according to a study by Cybersecurity Ventures.
Similarly, the number of smartphone users has grown from 2.5 billion in 2016 to 3.2 billion in 2019 and is forecast to grow to 3.8 billion by 2021. Smartphones and the internet will make further inroads into our economic system. But there are certain risks involved as well.
Mobile phones are becoming targets of cybercriminals because of their widespread use and increasing computing power. Consider the fact that more than 60% of online fraud occurs through mobile phones. This threat is not just to individual users but to businesses as well. It does not matter how large the company is either: 43% of the cyberattacks in 2019 were aimed at smaller businesses because they do not have adequate protection.
The way we work and the spaces we work in have evolved considerably in the last fifty years. Corporate culture is nothing like what it used to be back in the '80s and '90s. Cabins and cubicles have given way to open offices. Many in the workforce today prefer to work remotely and maintain flexible hours. As such, hot-desking is common in many multinational companies, including those that have large office spaces. As the start-up culture evolved, there was a need for multiple small offices. This growing breed of self-employed professionals and start-up owners needs other resources commonly required in an office environment, such as printers, shredders, Wi-Fi, meeting rooms and video-conferencing facilities. They also need a common place to meet people, network and exchange ideas, because working solo can become monotonous. Co-working has provided an all-in-one solution for the needs of such individuals and small groups by providing a common space where equipment and utilities can be shared between the businesses that rent the space. Co-working spaces have thus become very popular across the world, especially in cities where real estate is very expensive. According to statistics, the number of co-working spaces increased by 205% between 2014 and 2018.
Despite its negative connotations, the Dark Web is nothing to be afraid of. Few know that the Dark Web was actually thought out as a means of preserving privacy and security. However, this also enabled it to become a breeding ground for illegal activity.
There are certainly things to be distrustful of when navigating the Dark Web, and before venturing into it head-first, you should understand certain things about it.
What is the Dark Web?
The first thing you need to know is that there is no actual database for the Dark Web. Instead, there are only what are known as “peer to peer connections”, which means that the data you are accessing is not stored in just one place.
Instead, it is found on thousands of different computers that are part of the network, so that no one can actually identify where the information is coming from. You can upload to the network, but when downloading, there is no telling where you’re getting the data from.
“I’ve read on my web hosting provider’s website that they have a good security solution in place to protect me against hackers.”
This is a pretty common answer that a lot of bloggers and small business owners give me when I ask them if they know how secure their web hosting is. Also, they often add that their budgets are pretty tight, so they’ve chosen to go with “an affordable provider.” By “affordable,” of course, they mean “ridiculously cheap.”
Come on, people.
Do you really think that a cheap web host has everything in place to stop a website attack? Do you think that they will protect you from all types of hacker attacks?
While I don’t know everything about how web hosting providers choose security solutions, I can tell you with some confidence that a lot of them have laughable solutions.
Industrial espionage is a much more common occurrence than many people realize. As a business grows and begins to compete at a higher level, the stakes grow and its corporate secrets become more valuable. It isn’t just other businesses that might want this information; hackers who think they can sell the information will also be sniffing about.
Even if you can’t eliminate the risk entirely, there are certain things you can do to reduce the risk of a security breach in your business.
It is no secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis, and still failing to take any precautions may result in catastrophic consequences. Even the biggest corporations are paying millions of dollars so they can improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths, you may put your own computer or even your whole organization at huge risk. We at CyberDB have decided to bust the top 5 cyber security myths and make things clear for you.
In the past couple of years, podcasts have been gaining popularity and are one of the easiest and most convenient ways to learn the latest news and information.
Cybersecurity podcasts didn’t have a particular influence on the boom of podcast popularity as a whole, but there are still plenty of good shows that deserve your attention. Many IT people, from simple observers to some of the biggest experts in the field, have used this method to provide useful advice to the audience. Even some of the major enterprises are looking for the best cybersecurity podcasts to listen to and to help take care of their IT infrastructure.
On CyberDB we have created a fresh list of some of the best podcasts related to cyber and information security. Check it out the next time you have some free time, or even when you are stuck in traffic and want to learn something useful. These shows cover everything from simple endpoint and data security matters to comprehensive security operations and incidents. You are about to find a great range of topics, different opinions and anything that suits your listening needs. With so many great podcasts out there, it’s impossible to feature them all in our list. Feel free to contact us if you want to share your favorite cybersecurity podcasts with us and have them included in our list.
There is much concern about the realities of “Cyber Battle Fatigue” – a condition resulting from a never-ending process of defending networks and sensitive information from an onslaught of cyber attacks conducted by cyber criminals, cyber espionage actors, and hacktivists. These attackers continue to use a wide variety of tactics, tools, and procedures that range from unsophisticated to very sophisticated, and they continue to have more successes than failures. Two things are certain in a constantly changing domain: one, that no business that operates online is immune to being targeted, and two, that the cyber security talent pool is sparse and is contributing to the cyber battle fatigue reality.
The numbers are staggering and continue to outperform previous activity. In 2017, ransomware attacks demonstrated how prolific just one type of attack was. The WannaCry outbreak impacted computers in more than 150 countries and cost approximately USD 4 billion. According to one U.S. IT Company, in 2017, some notable cybercrime statistics illustrate the challenges facing those network defenders:
The online activities surrounding the 2016 U.S. Presidential election revealed a swath of suspicious postings on social media outlets that ranged from deliberate false information (e.g., one candidate running a child sex ring; another candidate’s followers making anti-Islam chants at a rally) to purchased ads on social media platforms like Facebook (e.g., promoting gay rights, issues related to the African-American community, immigration, to name just a few). In some instances, candidates were attacked via purchased ads. While there has been much furor about this, the truth is that this type of online content is nothing that people haven’t already seen.
During any campaign, negative print and media ads are often directed against political opponents, and the Internet is not bereft of millions of users willing to promote their viewpoints or engage in vociferous debate with people holding alternative or opposing viewpoints. Social media has facilitated the ability for anyone with an Internet connection to express themselves and put forward a message to a widely dispersed audience within a specific geography. People can either listen, ignore, support, or push back on what’s being transmitted. The big fear that the mastermind behind all of these ads was intent on swaying constituents to vote for a particular candidate is a concern that has yet to be fully verified.