GDPR (the Data Protection Act 2018 is basically GDPR with some small changes) requirements apply to all businesses large and small, although some exceptions exist for SMEs. Companies with fewer than 250 employees are not required to keep records of their processing activities unless it's a regular activity, concerns sensitive information or the data could threaten an individuals' rights.
Despite a greater emphasis being placed on data security, data breaches are on the increase. Whether through sophisticated social engineering techniques or more technical attacks, cybercriminals are trying every available tactic to profit from this sensitive information.
An interesting article on BBC News about Hostile Intelligence Agencies using LinkedIn to gather intelligence data on the business community.
At H2 we pride ourselves on providing a level of service that most SMEs either don’t need full time, and/or can’t really afford but nevertheless could certainly use. One such service is the Virtual Cyber Security Information Officer (CISO) or Virtual Cyber Security Manager.
Barely a week goes by without a data breach being reported somewhere in the UK. Of course many are quite small, but all are significant and in breach of the law.