Cyber Magazine January 2023 | Page 42

CYBERSECURITY

data collection and processing to reduce the ‘ burden ’ on business , by , for example , abolishing the statutory requirement for organisations that process data to have an independent Data Protection Officer .

“ Instead , organisations will designate a senior employee to oversee its compliance with data protection rules . It also suggests introducing a new , ‘ flexible ’ accountability regime that allows businesses to decide on how far they will be compliant , based on the scale and their perceived operational risks .

“ Another key challenge is for those businesses wishing to operate outside of the UK . Under the new proposals , organisations would be able to take a risk-based approach to assessing the impact of transferring personal data internationally using standard contractual clauses . This change could present a real risk to the free-flow of personal data between the UK and the EU .

“ Such a risk-based approach may differ from EU approaches , where some data protection authorities have said that the GDPR ’ s provisions on transfers of personal data to third countries do not allow for this approach . The very nature of the new Bill is to simplify the UK ’ s data protection framework , yet , in reality , for businesses operating outside of the UK , it will cause more complexity and more confusion ,” she concludes .

Data breach insurance Cybercrime has become a highly lucrative operation ; it isn ’ t going away and is only set to worsen as companies continue to engage digital technology . Many have taken out cyber insurance to insulate themselves from the punishing costs of cyberattacks and data breaches .

Nevertheless , companies across the world are likely to face increases in the cost of insurance as the number of claims increase

VIVIAN DUFOUR CEO , METERIAN

42 January 2023