The ECOVIS ProventusLaw Data Protection, Cyber, and IT Security, Operational Risk Team has drawn up the following list of recommendations on how to increase cyber resiliency, both for businesses and consumers.
Recommendations for Business
- Implement breach detection, investigation, and internal reporting procedures at your company. You will be prepared in advance for crisis management and this will facilitate decision-making, responsibilities etc.
- Keep a record of any personal data breaches, and an investigation report.
- Report known personal data breaches to the relevant supervisory authority. This must be done within 72 hours of becoming aware of the breach.
- Where feasible, ensure fair communication with affected data subjects and explain to them how to mitigate the risks.
- Ensure both external and internal communication about what has happened.
- Make an action plan on how to prevent similar issues in the future.
- Train your staff.
- Use the salt (cryptographic) method for passwords, where certain characters are inserted in each password during encryption. This makes stealing the password hashes worthless.
- Ensure continuous monitoring of IT systems and improvement of cybersecurity systems.
- Perform regular IT security tests and/or audits.
Recommendations for Consumers
- Change a leaked e-mail password.
- Do not use the same passwords for different logins on different systems.
- Do not use work e-mail accounts for personal services.
- Use a password manager to create different passwords for all sites.
- Consider changing personal documents (to prevent your data from being used for fraudulent purposes).
- Warn relatives of possible cases of fraud and false reports against them.
- Do not distribute or share stolen personal data or references to it, as such behaviour only adds to the crime committed.
Implementing these requirements will help organisations to ensure compliance with the General Data Protection Regulation, explain the Ecovis experts.
For further information please contact:
Loreta Andziulytė, Attorney at Law, Partner, ECOVIS ProventusLaw, Vilnius, Lithuania
Ecovis is a leading global consulting firm with its origins in Continental Europe. It has almost 8,500 people operating in nearly 80 countries. Its consulting focus and core competencies lie in the areas of tax consultation, accounting, auditing and legal advice.
The particular strength of Ecovis is the combination of personal advice at a local level with the general expertise of an international and interdisciplinary network of professionals. Every Ecovis office can rely on qualified specialists in the back offices as well as on the specific industrial or national know-how of all the Ecovis experts worldwide. This diversified expertise provides clients with effective support, especially in the fields of international transactions and investments – from preparation in the client’s home country to support in the target country.
In its consulting work Ecovis concentrates mainly on mid-sized firms. Both nationally and internationally, its one-stop-shop concept ensures all-round support in legal, fiscal, managerial and administrative issues.
The name Ecovis, a combination of the terms economy and vision, expresses both its international character and its focus on the future and growth.
ECOVIS AG Steuerberatungsgesellschaft
Ernst-Reuter-Platz 10
10587 Berlin
Telefon: +49 89 5898-266
Telefax: +49 (30) 310008556
http://www.ecovis.com
ECOVIS AG Steuerberatungsgesellschaft*
Telefon: +49 (89) 5898-266
E-Mail: gudrun.bergdolt@ecovis.com
