GDPR Fines: Could Cybercriminals Bite Back?

A response from SMP about GDPR and the threat of cybercriminal activity –

In the 14 months since GDPR became enforceable, several high profile global organizations have incurred hefty fines in violation of the regulation. Most recently, this includes Marriott and British Airways.

For Marriott, the $123M fine comes out of the U.K.’s Information Commissioner’s Office (ICO) and stems from a data breach that exposed 500 million customer records. Further complicating the situation is the root of the hack, which originated with Starwood, two years before Marriott acquired the company.

In the case of British Airways, hackers stole the personal data of more than 500,000 airline customers beginning in June 2018. The ICO intends to penalize the carrier some $230M in response.

In the wake of these incidents, security experts, including SMP, warn that GDPR is changing more than just the cost of a breach – it’s impacting the entire security landscape. Companies operating in different countries, especially those in the European Union, face the cost of fines under GDPR and similar legislation like the California Consumer Privacy Act (CCPA), plus the cost of reparations to exposed customers and any associated litigation.

At the same time, SMP believes that cybercriminals could be taking note in hopes of blackmailing companies post-hack. It’s not that far of a stretch to capture customer data and in turn, demand $10M, especially when the company risks a fine upwards of $100M. That’s not a situation any organization wants to happen – and yet, the possibility remains.

To guard against the threat of cybercriminals and protect your organization, we recommend the following:

  1. Stay informed about GDPR and other legislative updates. Understand how and where these regulations apply to your business.

  2. Audit your current cybersecurity infrastructure, shore up any existing weaknesses and update your protocol to ensure compliance.

  3. Actively monitor these systems and information continuously with the support of a qualified team of experts. 

For more information, please contact SMP

Upcoming - ILTA LegalSec 2017

Security Management Partners will sponsor and exhibit at next week's LegalSec2017 conference in Virginia. Attendees are encouraged to meet with Ed Greenberg, Senior Security Services Account Director of SMP in Booth No. 27. 

"Two Days All About Security For Legal" - The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers.

When: Tuesday, June 13-Wednesday, June 14, 2017
Where: Crystal Gateway Marriott, Arlington, VA

Learn more:

NJBIZ Special Report: Cybersecurity

Don't have a good cybersecurity plan in place? Then don't plan on getting a lot of business in the future says this NJBIZ article featuring commentary from SMP's own Peter Bamber. A follow up to a May 17 event, the article explores current cybersecurity trends. 

For more on this topic, as well as what organizations can do to protect their information, join SMP on June 13 for a special cybersecurity panel discussion at the Hyatt Regency in New Brunswick, NJ. Additional details and registration is available here:

From NJBIZ - Another attack is coming — here's the No. 1 thing to do (and not to do)


The worldwide ransomware attack over the weekend was halted before it could cause the global shutdown many feared.

The biggest question in the aftermath: Did the U.S. simply dodge a bullet?

Peter Bamber, the vice president at Security Management Partners, said it doesn’t really matter either way.

“Dodging a bullet?” he asked. “The guns are loaded — they are still shooting; that’s the way I look at it. They are going to come right back at us with this. They’ll just tweak it a bit.”

Read the full article at NJBIZ:

Upcoming - Cybersecurity: A Panel Presented by NJBIZ

Understanding and managing cyber risks have become top priority for leaders in business and government. Now more than ever, a cyber attack is an omnipresent threat, requiring organizations to fully appreciate the risks and the steps needed to mitigate them.

Peter Bamber of SMP joins other panelists to share views on the latest technological trends and weigh in on the issues that businesses are facing in cybersecurity. 

Representatives from Security Management Partners will be in attendance.

When: Wednesday, May 17
Where: Raritan Valley Country Club
Time: 8:00am – 10:00am

Learn more and register here: