Why Data Control Is the New Black

Why Data Control Is the New Black

Being in control of your data and having solid data handling processes in place have become a license to operate for organizations in the GDPR era. Data control has therefore also become a vital competitive factor, meaning companies without adequate cybersecurity are running out of organizations to do business with.

By Stuart Beattie, Product Marketing Director, Omada | July 2018

Why Data Control Is the New Black

Being in control of your data and having solid data handling processes in place have become a license to operate for organizations in the GDPR era. Data control has therefore also become a vital competitive factor, meaning companies without adequate cybersecurity are running out of organizations to do business with.

An organization’s reputation and license to operate inevitably go hand-in-hand. Lose the license to operate, and your reputation soon follows suit.

In today’s GDPR era, the license to operate requires being in control of your data. Without it, your organization will head towards choppy waters in the shape of fines for non-compliance and lost business opportunities as business partners and customers look elsewhere for more secure partners.

While GDPR is not going to make data breaches go away, the legislation has introduced new – higher – standards for data handling. Improving data control is a positive step and should be viewed as such by organizations. Although external hacker and insider threats remain, the risks can be reduced, and the good practices established through GDPR compliance enable companies to not only better protect themselves but also to gain additional business benefits in the process.  

A surge of data leaks

In the past weeks, several large data leaks have emerged, and it is likely more will follow as we get used to the GDPR-era when more data leaks see the light of day.

In the UK, which has been particularly hard-hit, there have been several mass data leaks including:

  • Dixons Carphone’s breach involving unauthorized access to 1.2 million personal records and 5.9 million credit cards
  • Ticketmaster’s data breach affecting up to 40,000 people, where hackers stole names, addresses, email addresses, telephone numbers, payment card details, and Ticketmaster login details
  • Governmental health agency NHS Digital’s leak of data where 150,000 patient records were compromised
  • Luxury retailer Fortnum and Mason’s breach of some 23,000 competition and survey participants

The US is also reporting more data leaks, with Coca-Cola Group’s insider leak and more recently with Adidas warning customers of its US retail website, where personal details may have been compromised after a suspected data breach.

Closer to home for Omada, Danish supermarket group Coop announced that 17,500 members’ mobile phone numbers had been leaked through the retail firm’s SMS text consumer group. Coop acted responsibly and swiftly by reporting the leak to the local data regulator, but this is not always the case as organizations are often not so open and forthright about leaks.

Pan-Nordic bank Nordea experienced a smaller volume breach, but the level of sensitivity of the information leakedmade this case more significant. The breach included highly personal and sensitive information on individuals’ unions and political background, thereby posing a potential serious fine for the bank.

Although these are just some examples of the many data breaches to have occurred recently, the list shows how quickly the media and the authorities are picking up on the news post GDPR. Not only are the mega fines now a reality, but reputational damages are high and loss of business partners a new potential fallout.

GDPR inspires local data laws

The significant size of GDPR fines makes compliance relevant to most companies –including those outside of the EU’s borders. In the UK, the data regulator is closely aligned with GDPR, Australia and South Africa have similar legislation, and even California is introducing similarly strict data protection legislation. This illustrates how the once European-focused approach to data control is becoming the new global reality, the new black, if you will.

As organizations are realizing, fines are not the only aspect to fear. Lack of data control is making a dent in the organization’s reputation, resulting in loss of business down the line. This is what companies really should be afraid of and this is how GDPR is truly the new black, the new license to operate.

To continue competing in today’s markets, organizations now also need to take GDPR into consideration. Tom Engly, CEO of Danish insurance firm Tryg, recently told press that he sees good data security as an important competition factor going forward, and that to remain compliant with GDPR, organizations must evaluate the risk when dealing with suppliers in regard to system security and data usage. He concluded that companies which do not have adequate security will not have anyone to sell to. 

Make sure your business retains its competitive factor.

Keep updated about EU GDPR and IAM. Subscribe to Omada's newsletter and receive information about the latest EU GDPR articles, events, and product releases.

By using or further navigating this website, you agree to Omada's use of cookies. Click here to see our cookie policy.

Read Privacy Policy
Close