In a recent post my colleagues Paul Glass and Ben Slinn take a look at the ICO's latest enforcement decision which focused on cyber security issues. The ICO has issued a monetary penalty of £1.25 million on Ticketmaster in connection with an incident which occurred back in 2018. In the ICO’s view there was a failure to process personal data in a manner that ensured appropriate security, as required under Articles 5(1)(f) and Articles 32 of the GDPR.