News

GDPR Workshop: Financially Gain from Your Compliance

Wednesday 19th January 2022

The LCR4 START team were joined by the GDPR Defender team who discussed what GDPR is, the importance of compliance, how to implement it within a digital strategy and how businesses can use this toward their competitive advantage…

Jonathon Clark, GDPR Defender

Introduction

Although GDPR is a government legislation, it can become an asset to your business, particularly when the time comes to sell or when people want to invest in your company. Many popular perceptions of GDPR are considered to only apply to large organisations, however, we would advise that these apply to all businesses, despite the size.

Why should you be bothered?

Personal data is considered to be the new oil by some; needing to be protected otherwise you and your business can be opened to some big fines.

With many grey areas, it can be difficult to know if you really are fully compliant, however, the good news is that there are absolutely several things you can do to make sure you are as compliant as possible.

The majority of small businesses wanting to ensure they remain as compliant as possible, go to specialist websites, for example for privacy notices. On occasion, this may be 50-70% acceptable, but if someone was to look at your GDPR compliance in detail, it could open you up to non-compliance issues.

Being more compliant

There is no silver bullet, no nano-technology or AI that will do all of it for you. It is generally easier to fix these things at the foundation level, and then build up to maintain quality. As a Managing Director or Founder, this is going to be only one very important factor, but it is an essential part of every business with the ability to create and destroy value.

“We try to be a critical friend and offer an olive branch to help take away the pain of this for you.”

Thinking of selling or raising funds?

When the updated GDPR laws come into effect in 2018, there were large concerns over what was going to happen. The day after it came in, it disappeared out of the headlines (albeit the odd story about people being fined and maintaining GDPR post BREXIT).

However, it is one of the due diligence items that banks, investors, and similar will now look at and therefore this is something that your business should consider as it can affect the type and quality of a deal you can get from a lender.

What does GDPR Defender do?

We target SMEs, although we are also starting to support more and more start-up companies as well. We provide:

A Cost solution
Initial Audit
Broker to specialist services
Maintenance Plan

Every business we have come across has not had a compliant approach to GDPR, and so we made it our mission to help MD’s and founders get over this hurdle to remove the risk of fines and being open to further damage.

We offer a detailed GDPR audit (practical, technical, managerial, policy, tasks that we go through with you) whereby we produce a report which will show where you stand, where you fall foul and where you are open to GDPR non-compliance.

We then provide solutions to this for your business and can help source how to rectify this. We also show you how to stay compliant over time, to keep your business in that compliant state.

GDPR Summary

Don’t look at this just as a tick box exercise
Don’t assume that the size or sector of your business is not counted and does not apply to you
Do not take shortcuts with GDPR, ask somebody with a good reputation in the industry

Think of this as a business process in the same way you would think of marketing, processes, etc. There is a legal provision there to fund this work to help you become more compliant.

………………………………..………………………………..………………………………..………………………………..……………………………

Andrew Borland, Virtual Engineering Centre

Digital Strategy: Delivering Innovation in SMEs and Supply Chains

For over 10 years, the Virtual Engineering Centre (VEC) has been helping businesses to adopt digital technologies through digital transformation to remain competitive and innovative.

The VEC is currently leading three fully-funded support programmes:

Digital strategy (LCR4 START)
New Supply Chains for Web 3.0 (LCR4 Holistic)
Industrial Digitalisation (CW4.0)

Digital Strategy

When starting your strategy, you have to ask yourself

If current and emerging digital technologies relevant to your business?
Where do you want the business to be?
What are the digital implications to the business?
What technologies do you need to adopt and what investment do you need?
How are technologies likely to change your sector?
What are your competitors doing?

Your company will then need to create and set a digital roadmap for successful adoption, ensuring smooth adoption and management of these tools and technologies to maximise the opportunities and benefits they offer.

Adopting Technology

50% of SMEs have adopted 2-4 new technologies
You do not need to be a ‘tech business’ to take advantage of digital technology
Digital technology has its roots across all sides of the business and functionalities

The Process is Nothing New: American Express Case Study

American Express was initially trusted for moving items across the railway network. Then after telegram technology and electricity lines came in, they saw an opportunity for moving money. This then progressed into travellers’ cheques, and then into credit cards.

The process of innovation is nothing new. IT is just an example of how a company can move from one form to another, adopting new technologies along the way to open new revenue streams and ensure the success of the business.

Where in your organisation could you prioritise to achieve digital adoption?

Eternally focused: Customers and Strategy
Internally focussed: Technology and Organisation
New opportunities: New Revenue, enabling change and reducing error, efficiency and productivity

Technology is not about putting people out of jobs; the value is about improving your margins.

The biggest threat to your business is not being competitive!

Cybersecurity

Cybercrime estimated to cost $10.5 Trillion by 2025
55% of SMEs reported being attacked in 2019 with 33% of businesses being targeted on a weekly basis
Typical hacker incursions go undetected for 205 days. Businesses need to be mindful and take ownership of privacy elements
69% of businesses are told by others that they have been compromised

Threats

Malware (Malicious software, worms, viruses, spyware)
Ransomware (Locks down files, data or systems. Threatens to erase data, demanding money to get your files back – these are focused attacks)
Phishing (social engineering, but you have a duty of care to look after your customers)
Insider Threats (current or former employees, access systems or networks)
DDoS attacks (crash servers/network, multiple coordinate systems, business interruption)
Industrial Espionage (Infiltrate system, steal sensitive data and IP)
Man-in-the-middle attacks (eavesdropping, intercepts data, unsecure Wi-Fi)

Disaster Recovery and Resilience