Ricky Magalhaes, head of cybersecurity at Logicalis, said that firms could be fined up to 20 million euros or four per cent of their annual turnover if their IT security is breached once the EU General Data Protection Regulations are introduced on 25 May 2018.
He added that the recent outbreak of the WannaCry ransomware virus, which crippled NHS IT systems, was a ‘wake-up’ for the threat of cyber-crime to all businesses ahead of the new regime. Ransomware attacks work by encrypting data held on IT systems and then demanding users to pay a ‘ransom’ to regain access.
Mr Magalhaes said that any organisations which lose access to their data through such attacks would be in breach of the GDPR .
‘The recent WannaCry cyber-attacks may be a good wake-up call for companies and organisations to improve their security,’ he said.
He added that the attack might encourage companies to update their systems as well as to train staff to be better equipped at avoiding cyber-attacks and minimising damage if they did happen.