Gary Hibberd


It IS the final countdown.

This is not a political post, because it really doesn’t matter if you voted to leave or remain, or you believe in a People vote or not.  The likelihood is that on the 31st October (‘Nightmare on Downing Street?’), we will be leaving the EU – Deal or no deal. Not being prepared for this because there is still so much confusion is not a responsible answer to ‘Are you ready for Brexit?’

Whilst there has been much derision and scoffing at some of the Contingency plans that the UK Government has suggested and/or put in place, I am always quick to say “Ok… so what have YOU done?” 

If your answer to that question is “I’m waiting to see what the Government tells me to do” then I wonder at what point you will start taking responsibility for your own destiny and start leading the company you run or work for? 

Our position

One of the issues we’re faced with of course is that Brexit means different things to different people. If you’re a farmer it means something completely different to the Bankers in the City. If you’re in the NHS it means something completely different to the haulage and freight company down the road.  But that is still no excuse for not taking action. 

“Do, or do not. There is no try” – Yoda

We all need to take responsibility for preparing for Brexit and for minimising the impact upon our organisation.  What is your ‘sphere of influence’? Ok, so you might not be able to change the decision on Brexit, but you can influence how your business, your customers and your teams will be impacted.

If you’re struggling to understand what the impact is, then run a risk workshop to specifically deal with this question. Don’t say you ‘tried’ to do this.. do it now and don’t delay.  Ask those who run your organisation;

  • What will be the impact of a No deal Brexit?

  • Is it different to leaving with a deal?

  • How will it impact us?

  • Who will be impacted?

    • Staff?

    • Suppliers?

    • Customers/Clients?

  • How quickly will the impact be felt?

  • What changes do we need to make now, to reduce the impact?

  • Who do we need to help us with this?

Cyberfort preparations

I don’t mind telling you that we at Cyberfort have been preparing for this internally for a long time and have asked these very same questions. Each has been answered and a comprehensive response to each identified risk has been outlined and contingency processes or actions have been put in place.


More so, we have been helping our clients to think about the impact on them, with a specific focus on matters related to Data sovereignty, Data transfers and the impact of other EU regulations on Data Protection (e.g PECR).

Was this easy? No. Were there lots of ‘unknown, unknowns’? Yes. Did it stop us? Absolutely not.

So what can you do?

Take the advice provided above and start planning today. Ask what impact will Brexit have on you, irrespective of the form it will come in.  If you’re particularly concerned about Data Protection and the transfer of Data in to and out of the EEA then take a look at the following advice from the Information Commissioner and seek further advice and guidance. We would be happy to discuss this with you.

  • If you are a UK business or organisation that receives data from contacts in the EEA, you need to take extra steps to ensure that the data can continue to flow after Brexit.

  • Your best preparation for data protection after Brexit is to comply with the GDPR now.

  • The UK is committed to maintaining the high standards of the GDPR and the government plans to incorporate it into UK law alongside the Data Protection Act 2018 after Brexit. UK businesses will be covered by the UK data protection regime.

  • The UK government has stated that transfers to the EEA will not be restricted. So if you send data from the UK to the EEA you will still be able to do so and you don’t need to take any additional steps.

  • If a business or organisation in the EEA is sending you personal data, then it will still need to comply with EU data protection laws. You will need to take action with them so the data can continue to flow.

  • For most businesses and organisations, SCCs (Standard Contractual Clauses) are the best way to keep data flowing to the UK.

  • Make sure you review your privacy information and documentation to identify any minor changes that need to be made after Brexit.

Finally, make sure you keep up to date with the latest information and guidance.

Brexit is coming

Please do NOT ignore this matter and look to the Government for help. They are not coming to save you, and it doesn’t really matter what side of the political decide you sit on, the fact remains that we are where we are and we must face it head on.​​

Other resources

Case studies

Our cyber consulting team works with clients from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here. Learn more >


See what our team have been discussing around current issues in regulation and data security, and recommended processes and policies that will benefit your business. Learn more >


In our collection of whitepapers, Cyberfort’s cyber consulting experts explore issues from cyber threat intelligence to incident planning and data security. Read our whitepapers to help make informed decisions for the benefit of your business.Learn more >