Skip navigation

Gloucestershire Business News

Business expert: Ssshhhush! Don’t mention GDPR, it might just all go away

By David Woodfine, director at Cyber Security Associates 

The General Data Protection Regulation (GDPR) arrived at our doors last year.

It triggered a rush of activity in most organisations to firstly understand the regulation then to franticly obtain consent from all their customers to continue to send them marketing emails in order to be compliant.

However, the process resulted in many firms realising that they may have more fundamental issues over the security of their legacy IT systems, the amount of personal data they hold, and the cost and time needed to resolve all the problems.

After the first few of months of GDPR has it really had the impact we thought it might, and if you keep quiet will just be seen as another fad. And of course, with Brexit, it might just go away completely.

More realistically for 2019, organisations will be on the lookout for the first tranche of GDPR fines and sanctions. They will then ask themselves just how severe a data breach would need to be to justify the 4% of global turnover maximum fine.

Many believe the Information Commissioners Office is simply not resourced to cope with the potential surge of data breaches had could be reported, but this is no excuse to ignore the importance of data security.

But is this such a major change? Data protection has been in place since 1998, and the new Data Protection Act 2018 (DPA 18) brings everything inline with the array of technological advances and the amount of data now processed online.

DPA 18 and the GDPR already place more emphasis on good cyber and data security, so it is important not to get worried about compliance and see both initiatives as good information security practice. We don't want to ignore these practices - they are here to stay.

Finally, we can expect to see more transparency around cyber security and data security incidents as the obligation to report them will provide more visibility of the threat. But with this comes more class action litigation and political demands for action by firms to improve their security.

But remember improvements in security is not just about technology and must also come from your organisation, people and process initiatives.

Need more advice or assistance? Contact Cyber Security Associates today on 01452 886982, by emailing  or visiting

Subscribe to Punchline

Related Articles

£8billion revenue increase for Gloucestershire-based company Image

£8billion revenue increase for Gloucestershire-based company

BAE Systems have reported an increase in order intake of £8billion and a “record high” order backlog in their latest full year results.

Council agrees to cut business rates for retailers Image

Council agrees to cut business rates for retailers

The announcement made in the chancellor's Autumn statement has been agreed by a Gloucestershire district council

Council Tax increase agreed Image

Council Tax increase agreed

Council Tax will rise in the Forest of Dean, but there will be no cuts to frontline services in the coming year after the District Council approved its budget.

Care apprenticeships opportunity with county college  Image

Care apprenticeships opportunity with county college

Stroud and South Gloucestershire College, in partnership with Flexicare, is to recruit 10 new apprentices in care.

Copyright 2019 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.