In August 2024, the ICO provisionally imposed a £6M fine on an IT services provider after a ransomware attack exposed critical vulnerabilities. This case highlights the crucial cyber security obligations of data processors, including the use of multi-factor authentication and regular vulnerability checks. Watch our webinar to learn how to protect your business from similar risks, meet regulatory expectations, and avoid costly fines.
Discover the lessons from this incident and gain practical insights into safeguarding your data processing operations.
Watch now
Watch our webinar “Cyber Resilience for Data Processors: What the ICO Expects”, featuring insights from our Director of Legal Services, Robert Wassall and Data Protection Associate, Izzy Gibson, where they delve into the ICO’s cyber security expectations.
5 Questions:
- What is the background for this case? (i.e. what happened?)
- What were the factors that lead to the ICO deciding on the provisional fine of £6m?
- Can you tell us about the difference between being a data controller and a data processor in these situations, who does the ICO hold responsible for breaches?
- Why is this particular case significant in understanding regulatory approach?
- What lessons can organisations take away from this? What actions can/should be taken?
Why Watch?
- Gain valuable insights from leading experts in data protection and legal services.
- Understand the latest developments and compliance requirements.
- Learn practical steps to avoid ICO scrutiny.
- Engage in a Q&A session to address your specific concerns and queries.
