In case you have missed the hot news, GDPR is fast approaching, and yet is seems like many companies are not understanding the significance of the potential fines and the threat to their businesses. Is this because of insufficient publicity, or just a lack of interest? This article from the BBC was probably seen by millions of people, and yet it didn't mention GDPR. Perhaps even the tech journalists are not even fully informed, and it would be incumbent on everyone in the cyber security industry to help spread the word, before it is too late.
Companies that fail to protect themselves effectively from cyber-attacks will face fines of up to £17m, the government has announced. Energy, transport, water and health companies are expected to have "the most robust safeguards". Regulators will be able to inspect cyber-security at such companies, under a new government directive. In August last year, former Digital Minister Matt Hancock said imposing the fines would be a "last resort". At the time, the penalties were part of plans subject to a consultation that has now been completed.
