May 2018

When X-Day became the warning shot for GDPR

Written by Paul Maher

When X-Day became the warning shot for GDPR

The EU General Data Protection Regulation (GDPR) has made ensuring data confidentiality a worldwide issue for business. As we saw with the Facebook and Cambridge Analytica scandal, governments, regulators and ordinary citizens now take data privacy more seriously than ever before.

GDPR will have a direct impact on day-to-day operations for every organisation, whether public or private sector. They will need to show consumers they are handling customer data securely and are able to erase customer data when customers carry out their Right To Be Forgotten. If they do not comply, they will incur substantial fines, which could be as high as $20million.

The new regulation has a global impact. GDPR is calling for all data belonging to EU citizens to be protected at all times and if there is a data breach, the local data regulator must be notified within 72 hours. The threat to businesses comes from malicious actors on the internet, who use ever complex methods to steal information for financial or egotistical gain.

Industry research from Verizon shows it currently takes 99 days for businesses to uncover a data breach, which falls foul of the new data regulation. This means 100 days before the GDPR deadline on May 25th 2018, is the final day for organisations to get their act together on securing their customers’ data. February 15th 2018 was the 100th day to make sure data cannot be exfiltrated.

Our Take

Positive Marketing, with its experience working with GDPR since 2014, advised and then broadcasted our client EfficientIP’s message on GDPR. We helped create data exfiltration day, also known as X-Day. The Point of View urged businesses to protect the Domain Name System (DNS) as it was a very popular way for hackers to exfiltrate data away from the corporate network.

The research, press releases and blogs generated by Positive reviewed how organisations across three regions; Europe, North America and Asia were preparing for GDPR. We analysed the data and found how much businesses were spending on GDPR compliance, how confident they were feeling about complying in time and what would be the major benefits of compliance.

Positive Marketing also identified dates where it will distribute the new data to create rolling thunder ahead of February 15th and secured coverage on Data Privacy Day as well as the Winter Olympic in Korea. This raised anticipation and awareness ahead of the February 15th launch.

On launch day itself, Positive led the global PR charge which generated 25 pieces of coverage in UK and US IT and business publications. The success of the Thought Leadership PR campaign also led to the data being used in press releases from other organisations.

Our newsletter

Sign up to our monthly industry insights