GDPR Overview with Ken Linscott, CSC®
The clock continues to tick toward May 25, 2018, when the General Data Protection Regulation (GDPR) will be officially enforced across the European Union (EU). Any company doing business anywhere in the EU will be subject to the new regulation, and those not in compliance―should a breach occur—could face a fine of up to 4% of their company’s global turnover in a given year.
Digital assets—including domain names, DNS, and SSL certificates―are a known weak point for exploitation by cyber criminals and hackers. Failure to administer these correctly or to implement the appropriate technical and organizational measures can result in a breach.
Ken Linscott, product director for domains and security at CSC®, is concerned that most companies may not be well-versed as to the GDPR’s potential legal ramifications and effect on their business. Furthermore, the same companies remain unaware of the location and security of their own digital assets. It’s an issue that Linscott addressed at the recent GDPR Summit in London.
“Companies really need to ask themselves, what do we have in place, and are they best practices for our digital assets?” said Linscott. “For those brand owners that have perhaps not made this a focus in the past, now is the perfect time to look at those measures they have in place.” Under the GDPR, companies must demonstrate that they have implemented the appropriate organizational and technical measures to ensure a level of security appropriate to the risk.
Increased cyber security at a foundational level, essentially, is Linscott’s message in the attached video. In it, there are four key recommendations Linscott makes for businesses looking to sure up their digital assets before the May 28 deadline, including:
- Consolidate all your digital assets―Reducing risk by consolidating your assets with a corporate provider who is focused on service, security, and strategy, is the best plan of action.
- Consider security when reviewing vendors―A third of large brand owners still utilize a retail registrar, even though there is a track record of retail and low-cost providers succumbing to a wide range of attack vectors, from DDoS attacks to social engineering.
- Secure access to your digital assets—Only authorised actions should be able to occur, so implementing the readily available and low cost technologies that mitigate the risks of cyber crime.
- Prepare for the attacks you know are coming—Two of the most common third party attack vectors are DDoS attacks and phishing/email fraud. Choose a provider with a credible uptime guarantee and the technology to reduce the likelihood and impact of an attack.
The clock is certainly ticking, and the GDPR will be enforced within months. Consider this opportunity to get your digital assets in order an alarm going off. But be sure not to hit the snooze on this one. Set your digital priorities straight today by contacting CSC for a consultation.
As the countdown continues to the May 25 deadline, more and more reminders will be sent out regarding the prioritization of digital assets across Europe. Contact CSC for a consultation of where your domain names, social media handles, and mobile stand today.