Freely subscribe to our NEWSLETTER

Dr Jamie Graves CEO at ZoneFox comments, "The way Sports Direct has handled their data breach last year is a perfect example of how not to deal with a cyber attack. Keeping their 30,000-strong workforce in the dark for over a year is simply unacceptable. And it’s not just morally dubious; with the looming EU GDPR regulations stating companies must declare a data breach within 72 hours or they will face severe fines, a lot of learning must be done by businesses on how they deal with a breach. They have said they filed a report with the ICO, but how quickly that happened has not been disclosed. This is a classic case of an avoidable breach; an unpatched system with unencrypted details. This is infosec 101 and they got it wrong."

“It’s one thing having the right technology and experts in place to spot these attacks, but it’s equally as important is what you do after detection. Companies need to become more alert to such breaches and realise that they are all vulnerable. Too many businesses focus on threats that come from outside their organisations, which while a warranted focus, simply does not cover all bases, such as threats from inside the organisation and weak links in outdated software. Organisations must ensure they have visibility and control their data, which would have immediately alerted them to the data being taken."