U.K. businesses face tremendous challenges in fighting data breaches and avoiding fines that could be imposed as part of EU legislation. A report that cited findings from the Payment Card Industry Security Standards Council (PCI) suggests that severe penalties could be enforced even though the U.K. plans to leave the EU by 2019. Prime Minister Theresa May will allow EU law to apply in the U.K., but she plans to repeal the laws after Brexit.
The decision to impose the penalties is an attempt to manage the overwhelming cybersecurity problem affecting businesses in the U.K. Jeremy King, director of PCI, said, “The new EU legislation will be an absolute game-changer for both large organizations and SMEs. The regulator will be able to impose a stratospheric rise in penalties for security breaches, and it remains to be seen whether businesses facing these fines will be able to shoulder the costs.” King advises U.K. firms to immediately initiate security standards and procedures to protect against cybersecurity threats.
Here are the data:
£122 billion | The amount in fines that U.K. businesses could collectively face in 2018 for cybersecurity breaches
£18 billion | The maximum penalty for breaches as part of new EU legislation; this is 4 percent of global turnover
£11 million | The average in fines a large company would face in 2018 if breaches continue at the same pace; the average fines for a small company would be £13,000
90 percent | The share of large U.K. organizations that claimed to have had a breach in 2015
74 | The number of small U.K. organizations that claimed to have had a breach in 2015