Okay in a conversation I was having last week about the new EU and UK data protection regulations and legislation, someone said to me; “what on earth do they [DPA 2018 & GDPR] mean when they say you have to take a Risk Based Approach to ensuring data protection”?
The National Cyber Security Centre (NCSC), a department of GCHQ Cheltenham, estimates that if you are an SME then you have around a 1 in 2 chance of experiencing a cyber security breach. For the small business this could result in costs of around £1400, for the medium business, considerably more. One has just been hit for around £30000, which I am sure you will agree, can be extremely damaging to the bottom line of businesses operating under tight margins. And of course, it’s not just financial penalties but the reputational damage should your customers data and assets be affected as well.