Data protection in the current IT landscape

Numerous companies and organisations struggle when it comes to understanding how to deal with cybersecurity and data protection issues. However, the vast majority are aware that they have to put effective strategies in place to safeguard their business from cybercriminal attacks.

The amount of online services and the ensuing exchange of personal data are constantly on the rise, with present business models relying on cutting-edge IT services and connectivity to meet consumer demand. With connectivity comes potential threats from external sources.

Traditionally, data protection strategies have been based on a three-level framework:

Staff awareness: making sure employees are informed on the current threats.

Process: a seamless, applicable process to mitigate hazardous malware, ransomware or cyber-attacks.

Technology: modern endpoint’s technology protection (such as firewall or anti-virus).

However, albeit the above steps are crucial, they do not completely guarantee the safety of an organisation. Hence the staggering increase in popularity of cyber insurance. Indeed, this business is growing almost at the same pace of the threats it is intended to cover. In 2016, the cyber insurance market accounted for an astounding $2.5 billion worldwide, projected to rise to $7.5 billion in 2020.

Obstacles to cyber insurance coverage

Nonetheless, both insurance companies and the consumers have a number of barriers to overcome.

From the insurer’s perspective:

• Ever-evolving cyber-attacks.

• Lack of data on the risk involved.

• Tunnel vision in coverages offered.

• Potentially dangerous risk accumulation.

From the consumer’s perspective:

• Inability to fully understand the cyber-risk, or the insurance options available.

• Hesitation in apportioning a part of the risk to a third party.

• Lack of standardization in cyber policies (as yet, there are no common terms for cyber risk resulting in differing terminologies from carrier to carrier).

• Ever-changing legal landscape.

• Cyber-risk often included as part of a broader range of coverage. can help both parties better understand the legal framework, difficulties of interpretation and even support R&I teams.


A Holistic framework: Business Process Re-engineering and functional toolkit for GDPR compliance

BPR4GDPR is one of the GDPR cluster projects that will provide a holistic framework able to support end-to-end GDPR-compliant intra- and interorganisational ICT-enabled processes at various scales, while also being generic enough, fulfilling operational requirements covering diverse application domains. Read this to find out more.

Future Events

IAM Online Europe live webinar - AARC Extensions to the REFEDS Assurance Framework

AARC is holding a live webinar on 27 June 2019 at 15:00 CEST, that will explain extensions to the REFEDS Assurance Framework and implementations that were devised in the AARC project.

Representation of the State of Hessen to the EU
04/07/2019 to 05/07/2019

Project CyberSec4Europe (Cyber Security for Europe) is holding it next event - "Representation of the State of Hessen to the EU" in Brussels, Belgium on 4-5 July 2019. 

Other three pilots are invited during CyberSec4Europe meetings.