UK facing increased fines for data security

Companies are being warned to ensure they protect data against potential cyber crime and misuse.

A report from PwC found many firms are not yet prepared to meet the requirements of the General Data Protection Regulation (GDPR) changes.

Last year, a total of 23 enforcement notices were issued by the ICO alongside fines of £3.2 million - double the amount seen in 2015.

Although the GDPR will not be introduced for another year, PwC claims UK businesses need to make significant changes now otherwise the financial costs are set to continue to rise.

Stewart Room, PwC’s global cyber securityand data protection legal services leader, believes many companies are failing to understand the new legislation and may need to look at increasing the cyber security skills of staff.

“We’ve performed more than 150 GDPR readiness assessments with our clients around the world. Many struggle to know where to start with their preparations, but also how to move programs beyond just risk reviews and data analysis to delivering real operational change,” added Mr Room.