- There are a host of measures that businesses need to consider when ensuring their IT systems are compliant. These include keeping software up to date such as operating systems, maintaining the best practice security and firewall measures, meeting the requirements of industry specific measures such as the Payment Card Industry Data Security Standard (PCI DSS) or the General Data Protection Regulation (GDPR), and accounting for local and regional government regulations.
- Non-compliance across any aspect of an IT system can leave it vulnerable to a cyber-attack.
- Not only can cyber-attacks result in massive financial cost to a business in terms of fines from regulatory bodies, such as a £20m fine in the case of British Airways failing to protect the personal details of more than 400,000 of its customers, but it can also be detrimental in a much wider sense depending on the industry. For example, for organisations that are part of extensive supply chains or providing systems to other businesses, a single cyber-attack can prove significant across organisations that rely on partners and third-party software.
- The pandemic, in combination with rapidly changing regulations, gives organisations even greater reason to utilise tools to discover and combat non-compliance and lean on the right expertise to ensure updated systems are in place.
– Mat Clothier | January 21, 2021
