Personal data is a big deal. In fact, data plays a major part in a trillion dollar industry.
You don’t have to go any further than Google or Facebook to see why. It’s why you get ads in your feed or on the pages you search. Only this summer, The New York Times reported that Facebook’s annual ad income had risen 56% to $28.6 billion, based on targeted ads.
As for Google’s ad revenue, well that’s even bigger at a reported $150 billion, so you can see why organisations place huge value in data.
Data breaches are a huge deal for companies. For instance here, in the UK, the maximum fine for a GDPR infringement was set in 2018 at £17.5million or 4% of annual global turnover, whichever is the greater.
For any company, that’s really going to hurt. And the thing is, breaches happen – even to companies that you’d think were on top of everything – for example:
British Airways were fined £22 million when the booking details of 500,000 customers were stolen in an online attack.
H&M were fined £33 million for GDPR violations, allegedly involving ‘monitoring of several hundred employees’.
To reduce the risk of these penalties, more and more companies are making staff aware of GDPR. Because, had GDPR training been in place, it’s likely the fines above could have been avoided.