Bill Mew is a key opinion leader, digital ethics campaigner, and entrepreneur. As a key opinion leader, Bill focuses on striking the right balance between “meaningful protection,” where he has been ranked as the top global influencer for data privacy, and “the maximization of economic and social value,” where he is also one of the top influencers for everything from cybersecurity and digital transformation to govtech and smarter cities. He also makes weekly appearances on TV/radio (BBC, RT, etc.) as an expert on these topics—with more broadcast airtime than any other technologist in the UK.
As an entrepreneur, Bill is the founder and CEO of CrisisTeam.co.uk, where he works with an elite team of experts in incident response, cyber law, reputation management, and social influence to help clients minimize the impact of cyberattacks.
We are ALL responsible, collectively and individually
In many organizations, there is a prevailing attitude that cybersecurity is something only a CISO does, or that privacy is something only the compliance department does. Unless there is more collective responsibility for both cybersecurity and privacy, our data will not be secure, and if things go wrong, we’ll all be held liable, both collectively and individually.
In such organizations, senior management is still failing to take cybersecurity and data privacy seriously. All too often they believe that these are tasks that can be delegated to the CISO or DPO (Data Protection Officer) and forgotten about. If senior management continues to see things this way, it is hardly surprising when this kind of attitude permeates down through organizations and staff at all levels fail to take these issues seriously.
3 Things Organizations Should Think About:
1. If your procurement manager opts for unencrypted devices
If the decision to procure unencrypted USB drives, SSDs, or IoT devices is based purely on price, without considering whether they are secure or have hardware encryption, then those unencrypted devices create a cyber vulnerability. This puts the whole organization at risk of a data breach.
2. If staff reuse passwords or take shortcuts to bypass security measures
If staff fail to follow basic cybersecurity rules and are careless with passwords or email attachments, they are putting the security of the entire organization at risk. Cyber criminals actively target weak or known passwords and use phishing tactics to compromise the security of their victims. These are some of the most common attack vectors for cyber incidents.
3. If a CMO takes the occasional chance with the use of private data
The GDPR stipulates that personal data can only be collected with consent for a stated purpose. If you harvest or share data illegally then you are putting everyone at risk of major fines and litigation.
Who is responsible if these things happen? Organizations are and SO are we!
We all need to take cybersecurity and data privacy seriously
If you see that your organization is using unencrypted USB drives, SSDs, or unsecure IoT devices, you need to speak out. If you notice your colleagues failing in their cyber hygiene, you need to speak out. If you witness a member of the marketing department using customer data inappropriately, you need to speak out.
Change of culture is key
If we are to change attitudes and make people take cybersecurity and data privacy seriously throughout the entire organization, from top to bottom, we need to change the cultural mindset.
There are plenty of incentives for organizations to do so. There is clear evidence that customers will happily do business with organizations they think will take care of their data and are more reluctant to do business with those that do not. Retaining customer trust and avoiding any kind of cybersecurity incident that can undermine such trust should be at the forefront of all our minds.
In addition, there are plenty of deterrents to make organizations take data protection seriously. For starters, the GDPR stipulates a maximum fine of €20 million or 4% of annual global revenue, whichever is greater, for EACH incident. The cost of fixing an incident can run into millions, and if it’s a ransomware attack, the cyber criminals could be demanding a multi-million-dollar ransom on top of this. You could also face litigation from the people whose data was compromised.
As if such sanctions on an organization were not enough, there are also emerging sanctions on individuals. A recent case in the US set a new precedent for a cyber incident case when board members and a CISO were individually named as defendants. A report by analyst firm Gartner has predicted that CEOs could soon be personally liable for cyber-attacks.
As citizens and as customers, we want organizations to protect our data. And when we are responsible for the data of others, the standards need to be just as high. We should be concerned, both collectively and individually, that we could all be held liable. But we should be equally motivated to focus on data protection because it is the right thing to do.