World | Technology GDPR raises major cybersecurity concerns 1.29.2019 | Mathieu de Lajartre It is estimated that 65 per cent of data leaks are the result of malicious malware or phishing attacks. But how many firms admit they’ve been breached? Facebook Twitter Linkedin Email While 15 per cent of “data leaks” are caused by (internal) human error, it is estimated that 65 per cent of them are the result of malicious malware or third-party phishing attacks (Shutterstock/Maximumm) While privacy remains a top concern after the European Union rolled out the General Data Protection Regulation (GDPR) eight months ago, (see GDPR, 8 months in: ‘These issues can longer be ignored’) a number of other cybersecurity challenges have also come to light. While 15 per cent of “data leaks” are caused by (internal) human error, France’s Commission nationale de l’informatique et des libertés estimates that 65 per cent of them are the result of malicious malware or third-party phishing attacks. Sometimes, the problem comes down to a programming error. As recently as last September, Facebook acknowledged a breach that allowed 1,500 apps to access photos that users had not posted to the platform and therefore should not have been accessible to third parties. It took about 10 days to seal the leak. But for every business that admits a breach, how many others are keeping mum? How many don’t discover the scope of the problem until it’s too late? Marriott International—hotels are prime targets for hackers—announced in late November that the data of 500 million of its customers, including passport and credit card numbers, may have been subject to theft since as early as 2014. Although the hotel chain reported the breach with the relevant authorities, a Europol study revealed that many hacked companies would rather pay a ransom to a hacker than report the incident and pay a fine. And yet, such payments only fund further attacks, and are no guarantee that the hacked information will not be disclosed or otherwise exploited. In other words, there is still much work to be done. However, Patrick Boucher, president of Gardien Virtuel, a Quebec firm specializing in data security, believes that a trend has begun, and that it will gradually expand. “For years, we’ve been explaining to people how important it is to back up their data regularly and store it outside the office, and yet, even for something so obvious, the message still doesn’t get through,” he says. “So it’s no surprise that the GDPR seemed somewhat unclear to some people in the beginning. But it’s an excellent tool for raising awareness of data risk management. The new eugdpr.org website will also help clarify things.” For Boucher, there will definitely be a snowball effect. For example, California—the cradle of the web giants—recently passed a law similar to GDPR (the California Consumer Privacy Act), which will go into effect on January 1, 2020. LEARN MORE ABOUT GDPR CPA Canada has published several articles on the GDPR, including GDPR: A Primer for Canadian Businesses, The GDPR is here and companies are rushing to comply with the EU’s new global standard for data privacy and The GDPR protects personal data and 4 other things to know about the EU’s new regulation. Related Articles World | Technology Infographic: The Internet of Things (IoT) is a booming business 2.13.2019 | Mathieu de Lajartre Made up of devices—from smart wristbands to aircraft engines—that can connect and transmit over data over the internet, the IoT is saving individuals and organizations time and money. Tipped to cross US$1 trillion by 2022, here’s a look at how this connectivity is changing the way we do business and simple everyday tasks. World | Technology GDPR, 8 months in: ‘These issues can no longer be ignored’ 1.29.2019 | Mathieu de Lajartre From fines to data breaches to more than 95,000 complaints, privacy remains a top concern for consumers. But what are organizations doing about it? World | Technology Hard to say goodbye: Are your deleted mobile apps still stalking you online? 11.20.2018 | Ethan Rotberg Some app developers are exploiting a loophole to see when you’ve deleted an app—and targeting you to reconnect About the Author Mathieu de Lajartre After spending more than 15 years in the book industry (mainly business publications), Mathieu de Lajartre joined CPA Canada in 2015. Based in Montreal, he is the Associate French Producer for the new digital platform, specializing in producing content for French-speaking readers. Mathieu is also responsible for the French-language version of Pivot, CPA Canada’s newly launched magazine. Linked In Most Popular Canada | Personal Finance Time to set the record straight about these 5 RRSP myths 2.5.2019 | Margaret Craig-Bourdin Come RRSP season and consumers are often faced with a confusing jumble of misguided notions about this retirement savings vehicle. Here are some facts. Canada | Economy The (big) costs of lying on your mortgage application 2.4.2019 | Margaret Craig-Bourdin Any borrower who is tempted to alter the facts in order to secure financing should think long and hard before doing so. Here’s why. Canada | News Tax system review will boost business, better serve Canadians 1.31.2019 | Sophie Nicholls Jones CPA Canada calls for review and possible overhaul of system in latest tax report. Huge complexity and a lack of access to social benefits are key concerns. @Work | Tools Nail that raise with these 3 expert salary negotiation tips 1.28.2019 | Mathieu de Lajartre This is the year to ask for a raise and other benefits. But it’s important to be prepared in order to get what you want.