Data Exfiltration Prevention
Compliance & Regulation
Essential Reading
GDPR Data Exfiltration Prevention
ICO fined British Airways £20 million for failing to prevent data exfiltration.
SOC 2 and Data Exfiltration
68% of breaches involve data exfiltration as the primary attacker objective.
Cyber Essentials and Data Exfiltration
Over 50% of UK ransomware incidents now involve data exfiltration before encryption.
Further Reading
NIS2 and Data Exfiltration
NIS2 requires a 24-hour early warning — the strictest incident timeline in EU law.
DORA and Data Exfiltration
DORA fines reach €10 million or 5% of global annual turnover for critical providers.
PCI DSS 4.0 and Data Exfiltration
Only 14.3% of organisations fully PCI DSS compliant at interim assessment in 2024.
ISO 27001
Average cost of a breach involving data exfiltration: $4.88 million (IBM 2024).