Tag Archives: Cybersecurity

How the new EU cybersecurity regulations affect businesses

pandasecurity-EU-initiative-2

The 28 countries that form the European Union will have a common cybersecurity goal beginning July 6th. The European parliament has approved a new directive in which these countries will have to change their legislation in the next 21 months.

The sectors that are listed (energy, transport, banking) will have to guarantee that they are capable of preventing cyberattacks. Also, if a serious incident related to cybersecurity does occur, the companies will have to inform the national authorities. Suppliers of digital services like Amazon or Google, are all required to facilitate this information.

The EU countries have 21 months to shift this into their legislation

The EU countries should strengthen cooperation in this area by designating one or more national authorities to the cybersecurity workload and strategize how to fight IT threats.

The EU’s approved directive establishes obligations for “basic service operators” (most of all in sectors that are already cited), and each country will have six months to transition their national legislation to the new EU rules.

Each country will have six months to transition their national legislation to the new rules.

Some businesses in the digital economy (e-commerce pages, search engines, cloud services) will also have to adopt measures in order to guarantee their infrastructure security. They will have to notify the authorities of any unusual incidents but micro and small businesses will be exempt from this rule.

We have already seen that this approval has come at a delicate moment in cyber-history. The European Union calculates that the cost of cyberattacks on businesses and citizens can be between 260,000 and 340,000 millions of Euros. According to a survey by Eurobarometro, 85% of internet users are concerned by the increasing risk of cybercrime attacks.

In this context, the goal of this directive is to boost trust between EU countries, sync security in the networks and IT systems, and overall, create an environment where information can be exchanged in order to prevent attacks, or at least communicate if a security incident occurs.

 

 

 

The post How the new EU cybersecurity regulations affect businesses appeared first on Panda Security Mediacenter.

GDPR: Enabling Digital Transformation in the EU

pandasecurity-brexit-1

There is a growing amount of personal information and data available on the internet that is accessible to an infinite number of businesses and organizations. In regard to this, there is something we must keep in mind: GDPR.

The General Data Protection Regulation (GDPR) affects all businesses in the European Union. It also affects businesses that offer services to EU citizens, monitor their behavior, or obligate them to give information extracted from data processors.

But, what will happen to the IT security sector once the BREXIT is in full swing?

The GDPR and Cybersecurity Post-Brexit

Two facts influenced the title of this article:

  • Businesses are currently immersed in a technological revolution. Cybersecurity has opened the door for Digital Transformation. In fact, 43% of company heads consider that security should be the first priority when implementing Digital Transformation. IT security is a true business value because businesses cannot be digital without first protecting themselves.
  • The Brexit: It is impossible to ignore the strong influence that the UK has had on the EU, especially in the cybersecurity sector. We cannot disregard the level of paternity that the UK has had in regards to cybersecurity laws, which mostly come from the European Convention on Human Rights (a humorous example of this can be seen in this Monty Python remake).

pandasecurity-brexit-2

When summarizing the GDPR, there are three main points to keep in mind:

1- The baseline scenario for most organizations and companies larger than 250 employees in the EU: institutions who have successfully empowered employees with business silo information, who have implemented Big Data tools, and generated trillions of data files from productivity tools.

2- To fix the IT problem we need to take back control of the distributed information silo and comply with rules 12-21 of the GDPR (clear ownership, custodian and new specific accesses like the right to be forgotten, serious and proactive reporting of all data leakage and manipulation incidents, etc.) while satisfying the growing demand for digital transformation. This suggests that there is a greater distribution of business data that is both quick and automatic.

3- Lastly, we must place some importance on some of the technologies that have been implemented and personalized in different companies (Spain) over the last two years. The results have been positive with a different operational impact deriving from the GDPR based on intelligent threat platforms like Panda Adaptive Defense 360.pandasecurity-brexit-table

The future of GDPR after the BREXIT

These changes should be in full swing by mid-2018. It is uncertain how to anticipate the GDPR changes, especially when it comes to implementing operational changes related to cross-border data transfer. We hope this information is useful for people in IT roles who are up against similar situations. We will continue to look over the current regulations and wait for GDPR updates following the BREXIT. Stay tuned!

Author: Salvador Sánchez Taboada https://www.linkedin.com/in/salvadorsanchez/es

 

 

The post GDPR: Enabling Digital Transformation in the EU appeared first on Panda Security Mediacenter.