Following news that British Airways is facing a lawsuit for its failure to protect the personal data in 2018, please see the comment below from cybersecurity experts.
<p style=\"font-weight: 400;\">The news of an impending lawsuit is the latest in a series of blows suffered by British Airways after the airline was handed a £20 million fine back in October. At the time the size of the fine was smaller than many people expected, but as is always the case with cyber incidents, the impact in terms of customer trust was significant. Now, the threat of a huge penalty being meted out as a result of this lawsuit is only going to cause BA further damage. It should serve as a wake-up call to organisations of all sizes of the potential severity of penalties faced by those who fail to recognise that cybersecurity can no longer be treated as a lower priority activity.</p> <p style=\"font-weight: 400;\"><br />Organisations are required to demonstrate the utmost care and due diligence when applying relevant processes and procedures for good data hygiene. As well as being subject to GDPR and the legal, financial and reputational implications that come with it, organisations have a duty of care to their customers. Preventative measures are simply not sufficient. The onus is on organisations to make sure they have done everything they can to protect customer data, applying ongoing monitoring of key systems and putting robust response procedures in place to minimise the impact should the worst happen and a breach occurs. Failing to do so can have very extremely complex and costly consequences.</p> <p style=\"font-weight: 400;\"><br />In order to avoid the embarrassing legal, financial and reputational consequences customer data breaches, organisations must adopt a layered security approach that includes people, process, and enabling technologies to reduce the risk, minimise the impact of a breach should one occur, and demonstrate diligence and best practice to both customers and governing bodies.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics