Part Of The Fabric
Let’s say you like the idea of going digital; maybe a digital transformation on a small scale, seems attractive to you? You get an always-on-open presence, because we can trade 24x7x365 now; people visit your website; you tell them about your cookies and what you do with their PII (personal identifiable information).
Or, on the other hand, the thought of going digital scares you, because you think that having a digital presence is too far for you to comprehend…never mind getting someone to do it for you?
In both cases, there are pro’s and cons: but do nothing, isn’t an option now.
GDPR / Data Protection Has To Become Part Of The Fabric Of An Organisation
Most Lawyers Are Not Experts In Cyber Security, Data Management & Business Continuity
Always-on-open means always a target. To who, though? Well, think of your competitors, for starters. They want a slice of your market, even if you collaborate with them on other stuff. Yes, they still want a slice of your market, so they’ll employ software tools to steal your keywords. They’ll inspect your code, or the website site map for clues as to how quickly you keep up with the inexorable march of cyber security (and the most recent hacks)
Ok, lets think about data management. What if the worst case scenario happens…you’ve lost some data? How do you go about checking what you have, what you need and what you should have deleted, when accusations of mal-administration of data are rife?
Yes, hindsight is a fine thing. The lesser of two evils, business continuity, provides at best a block to disaster recovery: but it can also give you the flexibility to move into new markets, quickly. Table top tested business continuity can provide use cases, requirements gathering, team building and much more, if done with an all-possibilities approach.
Disaster recovery, the bigger sister/brother of business continuity provides that extra assurance that, come what may/known the business has a fair chance to leap back into business continuity and full business as usual, without too much fuss.
But all this takes time…and money, I hear you say. Yes, but you don’t need be fancy or spend in ordinate sums on what might happen: just include GDPR / Data Protection as part of the fabric of the organisation, and you’ll be fine.