Earlier this week our Commercial Director, Steve Inglessis, attended the Security IT Summit at the Canary Wharf, London. This summit aims to bring together delegates and suppliers in a series of one-to-one meetings and seminars – providing opportunities to network with fellow senior leaders of IT security.
In this blog, Steve reflects on the experience of the day and discusses the key IT security challenges faced by business’ IT decision makers today.
The Security IT Summit, 04 July 2017
The Security IT Summit is a well-known date within the IT security calendar as it plays host to key IT influencers at some of the largest UK companies. Aside from being a good networking event, it also provides the opportunity to understand the fears and concerns of business leaders today, and where the investment in IT is being made.
Unsurprisingly, concerns and fears lay heavily around cyber security and how to protect business solutions against the next cyber-attack or ransomware that could cripple their ability to perform. A trend that is confirmed by recent research from Barclaycard, which found that SMEs are investing £2.9bn annually on cybersecurity[1].
The introduction of the European General Data Protection Regulations (GDPR) in May 2018 is still a hot topic. However, while many organisations, especially in the Finance and Banking industries, now understand what they have to do to prepare, they are falling at the first hurdle when trying to determine data governance within their organisation.
Where is your business data? And do you know what you are doing with it?
A report published by Capgemini’s Digital Transformation Institute[2] highlighted that 71% of organisations do not have a balanced security strategy or strong data privacy practices, and just one in five banks and insurers are confident they could detect a security breach. Worrying statistics for the future of data security and of course, GDPR is just the latest dilemma facing an industry already struggling with the regulations set out by the Financial Conduct Authority (FCA).
When getting to grips with personal or sensitive data, many IT department leaders are battling to understand how to approach the storage, management and processing of live data, historic data and dead or useless data. They are struggling to get their house in order and to know exactly where data is stored, and what to do with it.
It seems like virtualisation could offer a solution, with many Financial Services and Banking organisations looking to highly secure Cloud storage providers to collate and host their data. This will help manage data in a single ‘location’ and the additional hope is that by bringing in a third party provider, some of the responsibility for effective data security is offloaded and they no longer are solely responsible.
However, under GDPR no-one is exempt from poor data security, and should a data breach occur, then everyone within the chain of custody has a responsibility to uphold the data security regulations. This also applies to end of life data assets, and it is often the disposal of data assets which is overlooked.
The secure disposal of Redundant, Obsolete or Trivial (ROT) data will continue to be a headache for many financial institutions, and without the correct policies, processes and importantly, proof of secure disposal, these institutions could leave themselves vulnerable to hefty financial penalties and high profile reputational damage.
If you are unsure how to securely dispose of your ROT data, then download our eBook and read more about the data destruction options available, the legal obligations and how GDPR could impact your business.
[1] http://www.cbronline.com/news/cybersecurity/protection/british-businesses-fear-cybercrime-brexit/
[2] http://www.information-age.com/prepared-uk-banks-insurers-gdpr-not-123464266/
