To mark Data Protection Week (Data Protection Day is celebrated on the 28th of January), we want to remind you of the importance of protecting your data. GDPR first came into effect in 2018, when it was made mandatory for businesses to secure their data.

Whether you employ staff or work for yourself, you’re responsible for protecting the personal data of (or information about) anyone who comes into contact with you – including your customers, suppliers and staff.

What does a business need to cover with GDPR now that we are no longer in the EU?

At the moment we are still using the 2018 GDPR rules until new guidelines are published. The second draft of the new guidelines are due to be published in Q2 of 2022, then we will have more of an idea of what to expect.

If you're an SME and you're looking for some reliable, bite-sized advice on how to build trust and save money through stronger data protection compliance. Take a look at this ,ICO data protection basics for small organisations, including small businesses and sole traders

Why is Data Protection so important?

We know some businesses still don't understand why data protection is essential. In 2022 Veeam Software published a Data Protection Report showing even more ransomware attacks are hitting businesses. The report showed 85% of organisations had at least one ransomware attack in the previous year.

Cybercriminals continue to create new ways to attack small and large businesses alike. It doesn't matter what industry you came from, you were (and still are) a target. The good news is that the budget for data protection is increasing, with organisations across the globe increasing by 5% in 2023 - often with increased investment in cybersecurity tools.

The data you have on your systems, whether it is to do with your business itself or if it's to do with your clients and suppliers, is one of your digital assets. That asset is something that cybercriminals want and if they get ahold of your data they can use it in multiple ways. From ,ransomware to selling it on the dark web. Your company's reputation can be damaged and you can lose income if you have to respond to a cyber attack.

Don't get caught out. ,The ICO say that if you don't, take adequate security measures to prevent or contain a data breach, this could lead to a fine. This is because it's the law to protect people's data if you're a controller. There are a number of steps you need to take to show you take your responsibilities seriously – some are straightforward, while others take a little more thought and planning.

Here at the Cyber Resilience Centre, we have developed a Cyber Health Check to provide your business with a summary of your risks and an action plan to help you protect against the latest cyber threats. So take, the self-assessment questionnaire today to gain an overview of your business's cyber resilience and see if you're protecting your data securely.

Does my organisation need a data protection officer (DPO)?

Data Protection Officers are only required for your organisation if the law states you need one. The ICO can help determine if you need a data protection officer (DPO). You can voluntarily appoint one if you feel the need to.

Data Protection Officers oversee your practices and ensure that you are following the guidelines correctly. You can even hire an independent DPO to check what you're doing is correct and give you some advice moving forward.

How can the Cyber Resilience Centre help my business?

Have you ever thought about how vulnerable your network is to cyber-attacks? We can run a ,Network Vulnerability Assessment which scans and reviews your internal networks and systems. Our aim is to look for weaknesses such as poorly maintained or designed systems, out-of-date services, insecure access controls, or opportunities to access and steal sensitive data.

We can then report in plain language, what each weakness means to your business and the risks associated with each. With a full plan and guidance on how to fix any discovered weaknesses. ,Talk to us today if you want to check your vulnerabilities.