Much has been made of the fines set out in the new General Data Protection Regulation, which can be up to €20m or 4% of global turnover.
If that doesn’t grab your attention, then consider the reputational and financial damage that is possible from a significant data breach.
In late 2013, Target (a major US discount retailer) was subject to a hack after malware was introduced to 1,800+ stores. It was believed to be the result of an external HVAC contractor accessing the network.
A reporter broke the news and Target admitted that over 40 million customer records were compromised, including encrypted PINs.
The fallout and ramifications for Target included:
So it is worth remembering that the consequences are far more wide-reaching than a potential 4% fine on global turnover!