GDPR, the new EU General Data Protection Regulation, is coming into force in May 2018 and as cyber-attacks on organisations continue to hit the headlines, it’s important that businesses minimize the risks of a breach.

GDPR is coming, ready or not, and it’s time you thought about getting ‘ready’!

The Information Commissioner, Elizabeth Denham, has said that; “Cyber security is not an IT issue, it is a boardroom issue”.

Telecoms company TalkTalk has been issued with a record £400,000 fine by the ICO for security failings that allowed a cyber attacker to access customer data “with ease”.

And it’s not just the financial penalties (that will certainly increase after GDPR comes into force) it’s also the damage to reputation and trust.

ICO investigators found that the cyber-attack between 15 and 21 October 2015 took advantage of technical weaknesses in TalkTalk’s systems.

The attacker accessed the personal data of 156,959 customers including their names, addresses, dates of birth, phone numbers and email addresses. In 15,656 cases, the attacker also had access to bank account details and sort codes.

Elizabeth Denham stated that; “TalkTalk’s failure to implement the most basic cyber security measures allowed hackers to penetrate TalkTalk’s systems with ease.

While hacking is a serious crime, it is not an excuse for companies to abdicate their security obligations. TalkTalk should and could have done more to safeguard its customers information. It did not and we have taken action.”

Under the new EU GDPR the financial penalty could have been much higher, up to 4% of global annual turnover!


Find out how to ensure that your company is fully prepared for the implementation of GDPR by attending the Compliance Briefing, designed to help the gaming industry prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at www.compliancebriefing.com