At the International Cyber Security Forum in Lille on 30 January, a presentation was made by the law firm PwC and Besse, an insurance specialist, a barometer produced by their services that highlights cybersecurity risks, in accordance with CNIL rules, made available to the public on the data.gouv.fr website.
This article will also interest you: Cybersecurity to the test of connected cars
This barometer is called "Data Breach" and provides major trends on the various data breaches recognized by the CNIL. A report was submitted from 2019, where 5.7 of the violations laid bare through a daily denunciation. Whereas in 2018 we were talking about 4.5. 536 of its violations were settled compared to 803 last year.
According to experts, this barometer offers nothing new because it merely highlights the violations and the contexts in which they took place and, if possible, determines the wrongs. Furthermore, it is important to note that the concept of personal data has evolved in light of the general regulation of personal data, which now regards it as "any information associated with a name, any information that identifies anyone and any data that allows the direct or indirect identification of persons. ».
In addition, "sensitive data" has been defined as "information relating to genetic, biometric or health data, information relating to union beliefs, philosophy or opinions, information about ethnic origin, political opinions or sexual orientation. ». This is data that alone accounts for 10.4% of all information that is constantly diverted into constant violations of information systems when January 1, 2018 and June 30, 2019.
the initiators of this study who are both lawyers and insurers wanted to highlight the various legal and administrative risks, companies that manage all of this data are exposed, to risk paying up to 4% of their turnover as a fine in the event of a management error.
Moreover, the study highlighted yet another point that was known to virtually all. This is because the majority of data leaks were due to intrusions of information systems for malicious purposes. However, the second cause of these violations is internal negligence in the management of companies. Thierry Delville, Cy Intelligence Partner, PwC France, said: "The first observations make it possible to say that in view of the initial findings, the sector is not immune: finance, trade, media, communication, industry… the reality of data leaks closely follows that cyber threats. All concerned: public sector as well as private sector, merchant or non-market, this is the lesson that can be learned more than a year after the implementation of the RGPD. ». In other words, all industries through the problem of data breach as well as cybersecurity.
Now access an unlimited number of passwords: