County Commercial Bulletin
In the past 12 months, the UK has experienced several changes that impacted businesses across the nation, regardless of size or industry. Between growing cyber-security concerns from high-profile breaches and the GDPR, broken supply chains from a commercial CO2 shortage and the collapse of big-name companies like Carillion, various risks have taken precedence. Not to mention, 2019 will be another year of change as Brexit occurs. To prepare for a new year filled with emerging and evolving risks, the European Confederation of Institutes of Internal Auditing recently released their annual Risk in Focus 2019 report. Don’t let your business fall behind—be ready to tackle these top risks:
- Stepping up in cyber-security — This risk took the top spot on the list, with 66 per cent of organisations labelling cyber-security as one of their greatest risks. Consider these primary concerns:
  - Staying safe on the cloud — Many businesses have transitioned to using the cloud for data services. However, Microsoft reported that the number of attacks on cloud-based accounts quadrupled in 2017, largely due to poor password management and phishing scams. If your organisation uses the cloud, it’s critical to establish a strong security framework.
  - Securing your supply chain — Nearly 60 per cent of organisations experienced a cyber-attack that was caused by a supplier in 2017. Be sure that your business bolsters its entire supply chain with proper data protection initiatives.
- Ensuring compliance — Coming in second place, 58 per cent of organisations listed compliance as one of their top risks. Indeed, non-compliance can have severe consequences, including costly fines and a tarnished reputation. Be prepared with this guidance:
  - Understanding the GDPR — Although this regulation has been in place for several months, more than 25 per cent of organisations report they still won’t be fully compliant by the end of 2018, according to TrustArc. Your business can’t afford to ignore the GDPR. Use the ICO’s website for compliance tips.
  - Getting ready for Brexit — A wave of uncertainty remains for UK businesses, as official Brexit plans are still unknown. Regardless, it’s crucial for your organisation to prepare for the various outcomes, including a no-deal scenario. This entails planning for updated customs, altered supply chains, product compliance changes, and new contracts or permits for employees. In addition, sign up for government-issued email alerts regarding Brexit.
How Disgruntled Employees Can Make You Liable for a Data Breach
It was a data breach nightmare for Morrisons when a disgruntled employee abused his access to the company’s payroll data. In January 2014, after copying the data onto a personal USB, the employee posted personal details of nearly 100,000 Morrisons workers on a file-sharing website.
But what happened next was even worse. While the employee received an eight-year prison sentence, the High Court took legal proceedings against the company itself as well. Although Morrisons was found to be compliant with data protection laws, the High Court and Court of Appeal recently agreed that the company was still vicariously liable for the disgruntled employee’s actions.
Especially in the era of strict data protection law under the GDPR, this situation emphasises the importance of being prepared and protected against any possible data breach situation. Contact The County Group today to discuss potential insurance solutions.