How the GDPR inspired a new approach to email data protection
During Cyber Security Awareness Month, our cyber security experts answered the most frequently searched questions on securing digital communications, working safely from home and eliminating the biggest cyber risks. Answers are available in video and written format. Today: why do organisations need to secure their digital communications?
No time to watch the full video? The question is also answered below (in more detail than in the video).
When we go back to the core of cyber security awareness, it is important to first thoroughly explain the 'why'. What is actually the reason you should secure online communications such as emails, video conferences, chats, etc.?
The answer is simple. Organisations need to properly secure their digital communications because reports by various Data Authorities show that as many as 90% of all data leaks are caused by communication processes within organisations.
Data breaches occur in 90% of cases during the communication process.
In the Netherlands, the country with the best data leak reporting culture in the world, as many as 27,000 data leaks were reported in 2019. Of these, only 3% were caused by hacking, malware or phishing.
Causes of data leaks were:
- Wrong e-mail addresses,
- Accidentally sharing privacy-sensitive information,
- Accidentally not using the 'Bcc' field,
- Easy-to-crack passwords,
- Sharing information without authentication.
These are all matters related to the communication process of organisations, especially communication via e-mail.
Major reputation damage as a result of data leaks
Data leaks are hugely detrimental to companies and organisations. On the one hand, privacy-sensitive or company information can fall into the wrong hands. On the other hand, there are all kinds of legal consequences and damage to reputation. For example, the majority of consumers (66%) don't even want to shop or do business with an organisation from which personal data has been stolen, according to research conducted in 2019.
And let's talk about fines. There are two levels of fines based on the GDPR. The first is up to €10 million or 2% of the company’s annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s annual turnover. If reputation damage and loss of customers are not good enough reasons to protect your data, fines should be.
So why do organisations need to secure their digital communications? They are simply the source of most data breaches, so that's where the biggest risk lies.