A bit more about Estate Agents and data breaches (of course this is relevant to many other sectors). Estate Agents will hold a lot of personal data, pertaining to the purchase and/or sale of property.
Is it really surprising how many SMEs, some holding large amounts of personal data, even special category data don’t have a DPO. Probably not as many have an aversion to spending money on things that are not their core business. Understandable, certainly, but it is a legal requirement. We have now crafted a service to allow SMEs to buy in a virtual DPO at an affordable price. If you want to no more, message me.
At H2 we pride ourselves on providing a level of service that most SMEs either don’t need full time, and/or can’t really afford but nevertheless could certainly use it. One such service is the Virtual Cyber Security Information Officer (CISO) or Virtual Cyber Security Manager.
It’s an interesting question and one that has been endlessly debated over the years. Is an SME worth the effort of a Cyber attack? It’s difficult to assess just how many Cyber attacks there are annually, aimed at SMEs in the UK. Some studies suggest that they have increased tremendously in recent years. Most large organisations have the capability, but not always the will it has to be said, to determine just how many attacks they sustain, how many were successful and what the loss has been, quantified in financial terms. SMEs do not.
Okay in a conversation I was having last week about the new EU and UK data protection regulations and legislation, someone said to me; “what on earth do they [DPA 2018 & GDPR] mean when they say you have to take a Risk Based Approach to ensuring data protection”?