Expert Comment: GDPR anniversary - Delinea
In light of the fourth GDPR anniversary, the comment below comes from Joseph Carson at Delinea, who highlights the positive effect GDPR has had on the way user data is handled, but notes how and why it has introduced the challenge of adapted techniques for ransomware attacks…
Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea
“As we approach the fourth anniversary of EU GDPR, it is a time to reflect on how this privacy law has changed the cyber landscape over the last several years. Since its introduction, GDPR has continually forced organisations to better evaluate how they store and collect user data while simultaneously requiring organizations to implement stronger security controls to protect and secure any data they do collect from potential exploits. While the GDPR law has without doubt given citizens more control over how their data is collected and processed, it has also presented opportunities to cybercriminals who have also adapted their methods and techniques, specifically through ransomware attacks. Ransomware attacks continue to cause ripple effects throughout the industry and cybercriminals now utilize potential GDPR violations as a means of forcing an organisation to pay their hefty ransom demands. An astonishing 83% of organizations admit to paying ransom demands, according to recent research.
While GDPR did force organisations to somewhat improve their security posture, it has not stopped cybercriminals from being successful. Organisations must remember that GDPR is only a standard and cannot supplement a robust security strategy, one that incorporates strong privileged access control, automated threat detection and response, zero trust principles and a security-first company culture.”