Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Mimecast comment: GDPR Anniversary

May 2023 by Dr Francis Gaffney, Senior Director, Threat Intelligence and Future Engineering at Mimecast

As the world shifts further into a digital age, today marks the 5th anniversary of the introduction of the EU’s GDPR legislation. The comment from Dr Francis Gaffney, Senior Director, Threat Intelligence and Future Engineering at Mimecast who discusses why regulation alone is only part of the challenge when it comes to preventing cyber attacks.

“The 5th anniversary of the introduction of the EU’s GDPR legislation provides a welcome and necessary reminder of the importance of keeping data secure. The EU has played a tremendous role in setting the standard for supranational data protection. In its GDPR, it explicitly requires that sensitive data be protected from unauthorised access. This applies not only to documents stored in CRM systems, databases, and archiving systems, for example, but also to confidential data transmitted by e-mail or via collaboration tools.

Additionally, as we approach the “quantum age”, Mimecast are warning against an increasingly observed methodology of attacks based on the motto "Store Now - Decrypt Later". In other words, threat actors steal confidential information, now, that has been encrypted using common methods. With the aid of quantum systems, they could be able to decrypt this data at a later date (assessed to be in the next 2-5 years), for example technical documents, confidential e-mails, and organisational information.

Our recent State of Email security found that, globally, the average cost of a data breach is $4.35 million and it is assessed 33 billion electronic records are expected to be stolen every year. Furthermore, it is often the case that the damage to the organisation’s reputation and branding, dwarfs any fine imposed.

Regulation alone is only a part of the challenge to prevent threat actors from accessing sensitive data in the first place. In order to transform end-user and organisational behaviour, it is key that organisations build a layered approach to cybersecurity resilience, including cybersecurity responsibility, incident response, and awareness training embedded deeply into the culture and spanning across all department disciplines. Only then can organisations reassure consumers that they are safe entrusting their personal information with third parties.”

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts