Three Logicalis security experts are amongst the first IT professionals in Jersey to become accredited EU General Data Protection Regulation Practitioners.
Ricky Magalhaes, Managed Security Services Director, Logicalis, Security Specialist Greg Armes, and Security Consultant James McLaren, recently passed the EU GDPR Practitioner exams with the International Board for IT Governance Qualifications (IBITGQ), a leading authority in IT governance and standards.
The qualification is a recognition of the highest levels of expertise in the new data protection regulations.
Earlier this year, Logicalis Information Security Consultant Alex Colias become one of the first IT experts in the Channel Islands to qualify as an EU GDPR Practitioner after studying with Guernsey Training Agency’s University Centre.
Coming into effect next May, EU GDPR is designed to help protect the data privacy of individuals by making organizations improve the way they handle their data. The new regulations apply to all organisations that handle personal data of individuals, regardless of whether the data is processed in the EU.
Paul Johnson, Security Operations Manager, Logicalis, said: “Companies are having to take data protection more seriously and need well-trained experts to guide them through the process of preparing for EU GDPR. The new regulations make it even more important for organisations to improve their IT systems and data processing methods to ensure they’ve done everything possible to prevent data leaks.”
Under the new regulations, organisations have up to 72 hours to report a data breach, which makes round the clock monitoring of IT systems essential if companies are going to identify security breaches, and report them in time.
GDPR stipulates organisations must protect data confidentiality, integrity, and availability. A ‘personal data breach’ is defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Paul said: “Cybercrime such as phishing or social engineering attacks where hackers obtain passwords to access systems, or install spyware in systems could lead to infringements of data integrity and confidentiality. Ransomware attacks, where hackers encrypt files, can infringe data availability. Making employees more aware about the risks of cyber attack, and the implications for data security is the first step in becoming EU GDPR compliant."