"GDPR Compliance Is Not Cybersecurity, Says Analyst"

General Data Protection Regulation (GDPR) fines are forcing businesses to reconsider their cybersecurity strategies. However, experts are concerned that, despite compliance looking good on paper, it does not translate into better protection in practice and may end up costing them more. Global fines, including those charged under the EU law, account for 6 percent of the 13.5 billion pounds lost by British businesses as a result of the "most notable data breaches" reported to the Information Commissioner's Office (ICO) between 2019 and 2022, according to research conducted by the cybersecurity firm Imperva. There are concerns that the fear itself may be the problem. UK organizations, anxious to avoid penalties, are engaging in "tick-box" exercises that may render them compliant on paper but leave them vulnerable to cyberattacks in reality. Although regulators are taking a tougher stance on data breaches and ICO penalties have increased nearly tenfold since the implementation of GDPR fines, there is still a risk that organizations will prioritize compliance measures over those that provide real data security, according to Terry Ray, senior vice president of Imperva. This article continues to discuss cybersecurity concerns surrounding GDPR compliance. 

Cybernews reports "GDPR Compliance Is Not Cybersecurity, Says Analyst"