Research has shown that the fear of fines through GDPR is making some firms more likely to pay cyber ransom than report the breach. This is a very scary thought and extremely counterproductive. Why is this happening and what could be done to prevent this?
In the past, cyber attackers have often been unaware of how much stolen data is worth to organisations. However, the implementation of GDPR means that organisations can be fined up to 4% of their global annual turnover or €20m, whichever is greater, if found to have a data breach. These fines effectively provide cyber criminals with a price point for criminals to understand how much the data is worth to organisations.