Security Roundup: Google’s GDPR Fine, KnowBe4, Cybint, Digital Training
… at the ready to level enforcements. So it does speak to them. I think a lot of organizations feel overwhelmed about it and at this point maybe they’ve been feeling overwhelmed because they’ve been trying to handle it internally. And with a fine of that amount, while it doesn’t seem like a lot for Google … it’s a message that will get a lot of people’s attention to say maybe we need to leverage some outside support or outside consultants on this to make sure we get it right.
CF: Are we likely to start seeing more fines of this type?
MD: Yes, it’s really going to snowball from here. The French authority took the first step and really showed other regulators what they could do and how much they could fine organizations for potential issues under GDPR. The French regulators are active and engaged, and there are other EU regulators … that are engaged as well, and there’s a cultural difference there. Some take a more lackadaisical approach toward it. But those that have been engaged but maybe they haven’t leveled any enforcement yet, I think this will give them more confidence to do so and their ability to do so.
CF: Also, we’re not just talking about huge corporations, but businesses of all sizes, right?
MD: Yes, it certainly could. This is obviously in the news, it’s everywhere and that means consumer awareness is more than likely up around it, companies more so as well. So when consumer awareness is up around a regulation, they tend to become more aware of their rights under it and make complaints, and that leads to more enforcements as well, and wakes up some companies that might be smaller than Google.
CF: What can we expect to see in terms of further data privacy regulation and how can businesses prepare for it?
MD: In the United States, we see it a lot here, so at this point we’ve got the California regulation that has been passed and it has similar consumer rights to the GDPR … and we also see privacy regulations even at the municipality and local level, in San Francisco even, so inside of California you have something more restrictive there protecting their residents. Politicians have put forth federal legislation and major organizations’ CEOs like Apple’s Tim Cook are calling for federal regulation. They see the writing on the wall. The privacy wave is here. It started with GDPR, but it really got folks’ attention all over the world.
For an organization that’s gone through a GDPR exercise, they may not have had their U.S. data within scope and will need to do that, but at least they have some experience with preparing for it. If they have not prepared for it, it’s going to be a little bit of a shift in how they think about personal data within their organization and how they protect it.
KnowBe4 Rolls Out Advanced Roll-Up Reporting
KnowBe4, which provides an integrated security awareness training and simulated phishing platform, has introduced Advanced Roll-up Reporting, a new feature the company has made part of its updated Account Management Console.
MSPs, resellers and IT administrators at large enterprises, who have multiple KnowBe4 accounts, can more quickly view account information and reporting metrics in aggregate across accounts.
“The human element of security is one that cannot be ignored,” said Stu Sjouwerman, KnowBe4’s CEO. “With social engineering attacks getting more specific and phishing attempts continuing to succeed, we have to ensure users are trained and tested. One of the best ways to make sure they are is to make it simple to review user performance of the KnowBe4 security awareness training and simulated phishing program. Advanced Roll-up Reporting makes it super easy for admins to see how organizations and users are performing. Now, instead of drilling down into an account for details, they can spend their time doing what really works: testing and training.”
Greg Kras, KnowBe4’s chief success officer, tells us partner input was taken into account with designing the feature.
“It allows partners to look at their accounts’ reports all at once, eliminating the need to go into each individual account and look at reporting,” he said. “It also allows partners to group the reports together however they see fit. It makes it easier to use the platform and it gives partners access to other features not available elsewhere in the market. And there’s no additional fee.”
Regional Hubs For Cyber Education Coming
Cyber-education provider Cybint Solutions plans to launch regional …