In the wake of GDPR, law firm Squire Patton Boggs reported a “sharp increase” in the number of UK residents who initiated data subject access requests (DSARs), fulfilling the same number of DSARs in the first five months of 2019 as they’d handled during the entire year of 2018.
CCPA data subject requests (DSRs) are likely to have the same effect on California-based organizations, and with a 45-day deadline for fulfillment, companies that don’t implement automated self-service workflows are at an increased risk for Denial of Service (DoS) attacks.
DoS attacks happen when legitimate users are unable to access information systems, devices, or other network resources due to cyber criminal activity that floods a host or network with traffic until it cannot respond or simply crashes, preventing access to email, online accounts, websites, etc.
These attacks disrupt a company’s online presence by keeping its web servers so busy with network requests that they’re unable to load web pages or Internet resources, costing organizations both time and money while their resources and services are inaccessible.
A DoS attack can happen when a company is inundated with DSRs. It overwhelms the CSR and IT staff, who are forced to respond to requests manually and eventually reach a breaking point in which the company can’t safely respond to requests within the required timeline.
With CCPA right around the corner, there’s no time like the present to start thinking about your company’s plans to circumvent DoS attacks and streamline DSR processes, which, according to the new regulations, must now include identity verification prior to fulfilling each request.
