Reaffirming our commitment to data protection and GDPR in 2018

• English

Looking back at how cyber crime evolved over the past few years, safeguarding sensitive data against the growing number of online and natural threats has become critical. 2017 has been a year of unprecedented cyber attacks in terms of impact, rate of spread and global scale.

Europol’s 2017 Internet Organized Crime Threat Assessment (IOCTA) report highlights a detailed assessment of the changes, emerging threats and key development over the last year. The study is based on contributions from the EU member states, expert Europol staff and partners in various private industries, financial sector and academia. IOCTA reveals key developments in several areas of cyber crime from 2017, such as:                     

• Ransomware affected victims across multiple industries in both public and private sectors, as well as national infrastructures worldwide;
• The first serious attacks by botnets that occurred in 2017 using the infected Internet of Things (IoT) and social engineering;
• Data breaches continue to result in the disclosure of vast amounts of data - over 2 billion records related to EU citizens leaked in 2017;
• Inadequate IT security for internet entities will continue to result in sensitive data being unlawfully accessed, exfiltrated and disclosed every year.

Where does Dennemeyer stand?

We remain committed to safeguarding our clients' data and take extensive technical measures when managing Intellectual Property portfolios. Our servers are located in Luxembourg and are Tier 4 certified. Having the strictest certification level, our data centers offer the highest redundancy standards, levels of availability and least amount of hours of interruption per year. Due to the stringent service and technical performance levels required, Luxembourg’s data protection standards are among the highest in the world.

Dennemeyer is ISO 27001 certified and our focus is to protect the confidentiality, availability and integrity of the data that comprises all our client’s IP portfolios. We have robust systems in place to manage and address risks that threaten the data. Our Virtual Private Network (VPN) helps us minimize risks and maximize security.

Dennemeyer's fundamental principles

The security of information and other assets is fundamental to our business success. Our information security management system conforms to the internationally accepted best practices as defined in relevant security standards, procedures and guidelines, following ISO 27001 and BSI IT security baselines.

Information security controls are necessary to protect Dennemeyer’s information assets against unacceptable risks to confidentiality (e.g. preventing unauthorized disclosure of sensitive corporate or personal information), integrity (e.g. ensuring that human errors and programming bugs do not reduce the completeness or accuracy of our data) and availability (e.g. minimizing unplanned system downtime and consequent interruption of critical business processes).

The IT security officer leads the information security function and it is responsible for the IT Security Policy Manual comprising all policies, standards, procedures and guidelines for information security. The function acts as an internal center of excellence providing leadership and guidance on all matters relating to information security. Dennemeyer invests continuously and wisely in proven information security controls that are justified by life cycle cost / benefit assessment and risk analysis. Information security is pervasive throughout the entire organization to protect all our information assets (including those we own and those placed in our care). It is an inherent part of our IT architecture and a component of our operational and management processes.

Information security allows us to enter business partnerships more confidently and successfully maintain relationships, markets and situations that would otherwise be too risky. It also enhances our corporate image as a trustworthy, open, honest and ethical organization. Our goal is either to eliminate risks or to minimize them in the most cost effective manner, offsetting the cost of controls against the anticipated reduction in losses due to security breaches.

What is next?

On 25 May 2018, the European Parliament, the Council of the European Union, and the European Commission will introduce the General Data Protection Regulation (GDPR). The GDPR will replace the 1995 EU Data Protection Directive. It aims to strengthen individual's rights regarding their data and seeks to unify all the EU data protection laws, regardless where the data is processed.

Want to know more about what is new in the GDPR, data protection and data privacy?