Connect with us
Finance Digest is a leading online platform for finance and business news, providing insights on banking, finance, technology, investing,trading, insurance, fintech, and more. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


Navigating GDPR – threats and opportunities

Harriet Parker, Investment manager, Liontrust Asset Management

As more of our lives are carried out online, protecting personal or corporate data from theft continues to offer opportunities for investment.

Harriet Parker

Harriet Parker

Several businesses are finding better ways to protect this growing area of the economy and Enhancing digital security has been a key theme across our Sustainable Future funds for many years. This theme is becoming ever-more important with a number of high-profile breaches recently leading to growing concerns about how personal data is managed and the new European General Data Protection Regulation (GDPR) coming into force on 25 May this year. This requires companies to prove they understand where data is held and who has access to it, and also introduces stricter rules on security and processing.

From a scale perspective, it is important to note this regulation does not just apply to EU businesses but to any company holding European data – and the penalties for non-compliance are considerable, with fines up to €20bn or 4% of revenue, whichever is higher.

Key requirements under GDPR:
Increased rights for data subjects, the right to “be forgotten” and data portability
Software developed with security in mind (privacy by design and by default) 
Pseudonymisation or encryption of personal data
Secure processing of data 

Initial research from Ernst & Young suggests that half of relevant companies will not be fully compliant with requirements by the deadline, suggesting the regulation should be a catalyst for higher IT spending in Europe over the long-term.

Areas set to benefit include vulnerability management, security analytics, identity and data protection technologies, and storage software.

Although we see many organisations allocating additional spending to comply with GDPR, a good proportion of this money looks set to be channelled towards external advisory services, benefiting companies with greater involvement in this area. But if half of companies are not yet prepared, we believe there could also be an upsurge in demand for cyber security products.

Our GDPR focus is twofold: we continue to look for businesses benefiting from the Enhancing digital security trend but as many of the companies in our Funds have to comply with the regulations, it has also become a key engagement issue.

Initial research last year showed corporate disclosure on this issue was limited and we continue to assess the level of preparedness among our holdings. Smaller companies with fewer resources could be at significant risk, for example, given the potential fines and loss of consumer trust.

In the lead up to the GDPR deadline, we have been investigating other opportunities among the growing number of companies innovating in the digital security space. This spans a broad range of businesses, involving analysis of vendors, master data management (MDM) companies and larger systems integrators and consultants with a high percentage of revenues coming from products exposed to digital security growth.

Current holdings with exposure to this include pure-play security software providers such as Sophos in the UK and Splunk in the US.

Sophos provides information technology security and data protection products, offering protection against viruses, malware, spyware, intrusions, unwanted applications, spam, policy abuse and data leakage. Splunk develops web-based application software that collects and analyses data generated by websites, applications, servers, networks and mobile devices and its products can be used alongside traditional digital security products to better assess threats, incidents and responses.

We will watch the impact of GDPR in the months after May with interest: when similar rules came into force in the Netherlands, for example, there were over 1,000 breaches in the first 100 days. It will be here that we get to understand how well companies have prepared. As a digital security expert said to us recently: “You’ll never know when you’ve overspent on security, but you’re sure to find out when you haven’t spent enough.”

Continue Reading

Recent Posts