Having recently been asked to present at a webinar on ‘Lockdown Risk’, it got me thinking.
How has the Lockdown changed an organisation’s Data Protection status?
For most, in a new world where ALL organisations have been forced to reconsider their working arrangements, the pressures of trying to run a ‘Business as Usual’ approach during Lockdown in a new, decentralised model has been extremely challenging. So, information security and data protection took a back seat.
During Lockdown, survival in all senses of the word is understandably what had to, and did, come first. And being innovative and finding ways of putting in quick alternative solutions (work arounds) became the new norm.
Unfortunately, it was the same case for the ‘cyber criminals’ too*.
Add to this trying to monitor non furloughed employees’ performance when working remotely in their own homes. Evidence already suggested that 3rd party suppliers were a huge risk factor. A risk that has now increased significantly.
This got my GDPR alarm bells ringing!
Back to Basics
It’s time to go back to the basics of the original GDPR foundations:
- The need to identify risks to your business.
- Breaking down silos caused by the new regime.
- Rebuilding trust internally and externally throughout your organisation.
How do you do this?
- Policies and processes will need refreshing, and ‘ROP’ (Records of Processing) updating.
- With any equipment, networks, environment changes there is still the need to deliver Education and Awareness.
- Ensure that you can still evidence that you have the Organisational and Technical controls in place and tested.
- Remember, you are still responsible for making sure your contracts and outsourced providers (3rd parties) are GDPR compliant. They too will have had to change.
- Cyber-crime pre-COVID 19 was already costing the global economy over $2 trillion
- Online shopping fraud has risen by 46% since the start of Lockdown, ‘making it one of the biggest crime growth areas’ in the UK.
- Human error accounts for 95% of internal breaches. There has been a big spike in email and phone scams as criminals look to seize on people’s vulnerabilities around COVID 19
- When it comes to coronavirus, your personal information may not be your first thought.; if you’re worried, ICO have put together some information to help: https://ico.org.uk/global/data-protection-and-coronavirus-information-hub/
Other useful sites: