Small and medium sized businesses have received a stark warning after the Information Commissioner’s Office (ICO) handed out a substantial fine to the victim of a cyber attack. The investigation revealed that the company held card details for too long, didn’t make password systems complex enough and allowed access to unencrypted data that contributed to the attack and failed to protect the details of its customers.    

Sally Anne Poole, ICO enforcement manager, said “Regardless of your size, if you are a business that handles personal information then data protection laws apply to you.  If a company is subject to a cyber attack and we find they haven’t taken steps to protect people’s personal data, they could face a fine from the ICO. Under new GDPR rules coming in – those fines could be a lot higher.”   

Moving companies handle personal data all the time so this industry is particularly at risk. 
 
On 9th October 2017 there is a one-day GDPR Summit designed to guide companies through the key principles of GDPR and provide an actionable framework towards compliance.  It costs £695 + VAT, register before the end of August 2017 for an early-bird discount (£495 + VAT).  More information from: http://www.gdprsummit.london