"According to a study conducted by the Neutral Trade Union for Self-employed Workers among 562 Belgian SMEs, 75% of companies have already taken a few GDPR measures, but they are still far from being compliant,” says Samira Hajji, getting straight down to business.
"The remaining 25% have not yet done anything."
So Belgian SMEs are lagging way behind their European colleagues. According to Samira Hajji, this is all to do with the delay in setting up the Data Protection Authority which has to oversee the application of the GDPR in Belgium.
"Eleven European countries have already issued countless fines totaling € 55.9 million. In Belgium, not a single fine has yet been issued.
So Belgian SMEs are reacting far more slowly to the GDPR."
“Not a single GDPR fine has yet been issued in Belgium. So Belgian SMEs are reacting far more slowly."
Hajji warns that SMEs should not focus solely on the lack of fines.
"The Data Protection Authority has now been set up and will try to clear the backlog in fines.
Be warned. But above all, it’s important that SMEs comply with the GDPR to protect themselves against the increasing cybercrime. According to a study by insurance broker Vanbreda, the loss caused by cyberattacks against SMEs in Belgium rose by no less than 194% in 2018.
This loss is significant and can be as much as € 1 million.
Any sector can fall victim.
The question is no longer who, but when."
Hajji always advises her clients to develop a 360° protection strategy which is proactive, complete and dynamic:
“SMEs need to anticipate risks and threats. They can do so by means of an audit that maps out risks. After that, it’s a question of introducing full protection, monitoring constantly and reacting promptly if problems arise."
“360° protection not only covers the necessary technologies, but also the processes that establish the responses in the event of infringements and staff, who have to be made aware of the risks that may result from the careless use of data."
“The risks and threats relating to IT security are constantly evolving. So the GDPR is not a static concept. The processes and technologies used have to be open to regular review. This is only possible if IT security is an essential part of a company’s digital strategy and general culture."
Proximus SpearIT is proud to be part of Proximus Accelerators and helps medium-sized enterprises perform better by organizing their IT together more shrewdlyin the field of:
- Digital workplace
- IT-infrastructure and cloud
- Privacy and security
With specializations in: hard- and software purchasing, IT staffing, IT projects and total IT management.
SpearIT has developed an e-guide specifically for SMEs, with insights and starting points for a proactive, integrated 360° security approach. The e-guide offers you practical answers to questions like:
- What impact does a cyberattack have?
- How do you develop a good data and security policy?
- What are the building blocks of a 360° security strategy and how can you get started?
Download the free e-guide