Skip to content
City PM
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
Wednesday 15 February 2017 10:02 am

Protecting data must be board-level priority

By: Elliott Haworth

Add as a preferred source on Google

The Queen has officially opened the National Cyber Security Centre, a government nerve centre that aims to protect the economy, state institutions and critical infrastructure from the growing threat of cyber attacks.

Private businesses are also vulnerable. With so much of the City’s business conducted through digital networks, the threat from malicious actors is real. And yet, while any government help to protect the business community is welcome, the onus of protecting personal data, and providing greater transparency over how it is used, does not fall on the state’s shoulders.

The EU’s General Data Protection Regulation (GDPR) will be enacted in less than 16 months. Although it will be implemented during the Article 50 negotiations, those who thought, or perhaps hoped, that Brexit would negate the impending overhaul of data regulation will be disappointed.

Survey after survey demonstrates that those who have even heard of GDPR are in the minority, with alarmingly few firms having made plans for the imminent restructure it demands. You only have until May 2018 to assess how your business uses, handles, and processes personally identifiable information, whether belonging to clients, customers or employees.

Data governance is at the heart of GDPR, creating significant operational, technical, and organisational obligations for the private sector. Regular audits, impact assessments and the imposition of compulsory data protection officers for some firms will drag many kicking and screaming into this new era.

For those still unconvinced, the penalty for compliance failure is up to four per cent of global group revenue, or €20m – whichever is higher. If that doesn’t drive the gravity of data governance to an executive level, nothing will.

Beyond GDPR, and to really hammer home quite how serious data governance should be taken, while giving evidence to the Commons committee for the Digital Economy Bill, information commissioner Elizabeth Denham expressed support for making company directors personally liable for breaches of data protection law

GDPR should not be taken as a threat: its virtues have been extolled by many in the data world for years as best practice. Hindsight is a wonderful thing, but had executives taken data governance seriously in the first place, perhaps we would not be here today.

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • Jobs and Money
  • News

Categories

  • Business
  • Legal
  • Personal Development

Trending Articles

  • Harry Styles at Wembley Stadium review: running through the grief

  • Nottingham Forest owner Marinakis announces £210m stadium plans

  • Burnham told to launch £100bn tax reform package

  • I’ve taken the best train trips in the world. Here are my 5 favourites

  • Natwest boss becomes latest City figure caught in AI social media scam

More from City PM

  • Gambit Cyber Launches Vizier AI – An Autonomous Security Intelligence Workspace for Continuous Exposure Management

    Business Wire
  • The Debate: Should CEOs be held personally accountable for cyberattacks?

    Opinion
    Evil-looking keyboard symbolizing cybersecurity threats and hacking risks in a digital landscape.
  • ‘Protecting children is right’: Starmer takes on Big Tech with social media ban for under-16s

    Politics
    Keir Starmer speaks in Downing Street
  • Government intervenes on foreign takeover bids for UK defence firms

    Industrials
    UK defence strategy meeting, officials discussing military advancements and security measures in a conference room setting
  • Professional services firms the ‘flavour of the month’ for cyberattacks

    Prof Services
    The ICO said it initially planned to fine Capita a total of £45m, but this was later reduced by “mitigating factors”
  • Neo4j Acquires GraphAware to Launch Intelligence Analysis Alternative to Palantir Gotham

    Business Wire
  • HSBC coughs up $25m over Australian scam failures

    Banking
    HSBC's Canary Wharf office.
  • UK law clears hurdle for airlines to ban unruly passengers from travelling

    Aviation
    The Government’s ambition is for the UK to have 50 million international visitors a year by 2030.

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy