In a nutshell, a data subject access request – or DSAR for short – is when someone asks a organisation for a copy of all personal data they hold about them, and then that organisation provides it in a clear and structured way. In addition to the data itself, DSARs allow a data subject (like you or me) to find out things like what the organisation is doing with the data, who they’re sharing it with, how long its held on to for, where they got it from, and so on.

With cyber criminals operating around the world, it’s more important than ever that businesses start understanding IT security. Afterall, 86% of UK organisations expect cyber attacks to increase, and 33% of hacked companies admit to losing customers after a breach. As an individual, a business, or a government or a nation-state, IT security is something that should be taken seriously.

It’s hard to ignore the GDPR these days, with headline-making fines and regular news updates on the continuing impacts of data protection post-Brexit. Most business will be aware of what they have to do for the GDPR, with increasing numbers actively doing something about it. But there is another privacy regulation that UK businesses must comply with.

All sources agree that cyber crime is increasing year on year, putting businesses small and large at increasing risk. Attacks jumped by 31% during the height of the 2020 pandemic alone, and is predicted to cost the global economy over $10 trillion by 2025. In order to stay ahead of the hackers, savvy enterprises are stepping up their security scanning regimes by using vulnerability scanning and penetration tests to uncover security flaws.

As you may be aware, prior to the end of 2020 there was a lot of debate about what would happen to GDPR on 1st January. Given that the trade negotiations went down to the wire, we were all left in the dark until the deal was done on Christmas Eve. But what are the main headlines from this deal and, more importantly, what do they mean for UK businesses?

There’s no doubt that the internet has made almost every element of our lives easier. Virtually everything now has an online presence, from multi-national social media goliaths to your local bakery. Though this has its advantages, it also creates risk. Convenience comes at a cost, and all too often consumers and businesses alike don’t pay enough attention to cyber security until it’s too late.

At Bulletproof, we have a fantastic team who power our compliance services, which include GDPR, ISO 27001, Cyber Essentials, training, and act as our all-knowing outsourced Data Protection Officers. Both cyber security and data protection are crucial corporate responsibilities that we believe should be at the heart of any company’s day-to-day operations.

Now that 2021 is proving to not be the fresh start many hoped for, it’s time to re-examine the security lessons learnt in 2020. As the transformational business challenges of the last 12 months demonstrated, security should always be high on the agenda no matter what your organisation size. After all, as we revealed in our 2021 annual cyber security industry report, hackers don’t care what size or type of business you are – only if you’re an easy target.

The cyber attack unfolding in the US may turn out to be the most serious nation-state espionage campaign in history The Bulletproof SOC is actively monitoring the situation regarding SolarWinds and the Sunburst attack as with all new attacks. We do this to ensure we have a clear understanding of the potential threat to our customers and to build better innovative detection mechanisms, maintaining a prime position to support our customers as a true extension to their team.