Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous problems for organizations. Not only can companies suffer serious service disruption and reputational damage, but the loss of personal data can also result in huge fines from regulators.
Take British Airways as an example. In 2019, the airline was fined more than £183m by the UK’s Information Commissioner’s Office (ICO) after customer data was compromised in a cyber-attack. Customer details, including name, address, logins, and payment card, were harvested by hackers – affecting half a million customers in total. The fine, which amounts to around 1.5% of British Airways’ global 2018 turnover, was the first proposed by the ICO under the new General Data Protection Regulation (GDPR).
Cyberattacks like this are hitting the headlines with increasing frequency. But