Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and ManagementCybersecurity News

GDPR: Seeing Beyond Compliance to 3 Business Benefits

By Cal Slemp
GDPR
May 3, 2018

Cybersecurity breaches make headline news, seemingly on a daily basis. Private data for millions of consumers is compromised at greater frequency. Organizations scramble to remediate damages and restructure their cyber defense tactics. To address this new normal and further protect personal information from data breaches, the European Union will formally implement the General Data Protection Regulation (GDPR) on May 25, 2018. Replacing its 1995 predecessor, The Data Collective Directive, the GDPR will hold organizations legally responsible for their awareness and commitment to appropriately managing sensitive, personal information, including everything from an individual’s name to their identity/Social Security number and IP address.

EU citizens may feel a stronger sense of security over their personal information, thanks to the GDPR specifications, which include providing personal consent for organizations to use data and having the rights to erasure and data portability. However, organizations around the world are responding to these new data governance and security requirements in different ways. Some are wholeheartedly complying with the regulations, while others are adopting a check-the-box mentality or ignoring how the GDPR will affect their consumers and lines of business. The journey to compliance may feel daunting for many, yet the latter two stances essentially skirt the GDPR and invite more risk than organizations may want.

 

Checking-the-Box Yields More Risk

The danger with a check-the-box approach is that it doesn’t approach cybersecurity as a matter that affects each department of an organization. There’s a focus more on keeping personal data private rather than protected. Companies that take this approach, including those ignoring compliance, may be awaiting a data breach before adopting a mature data security program.

We have seen consumer and market reaction to data breaches (e.g., Yahoo!, Equifax, Anthem), but consumers at large have often accepted these events as if the target company was doing the “right things” to prevent cyber attacks. Once the GDPR launches, however, this mentality likely will change. Consumers will have power and control over who holds their data and how their information is used. If breaches occur, non-compliant companies will be held accountable and fined up to 4 percent of their global turnover, or €20 million, whichever is greater. More importantly, these companies may irreparably damage customer loyalty.

 

Shifting Perspective Can Result in Three Key Benefits

The primary difference between companies that are equipped for GDPR to roll out in May and those that aren’t is a shift in perspective. Taking a holistic approach is important for companies to consider while on this compliance journey. Companies that achieve GDPR preparedness will realize several important benefits, including:

  1. Increased collaboration across the organization.

Cyber breaches are no longer siloed within the IT security team. Private, protected data circulates throughout most departments – from finance to sales, marketing, human resources and more. As organizations work cohesively to ensure GDPR compliance, they can collaborate and work cross-functionally to put best practices, policies and procedures into place throughout the enterprise.

  1. Greater customer loyalty.

Private, personal data is a valuable commodity. With cyber threats on the rise, consumers want to feel “cyber safe,” confident that their information is protected. Under the GDPR, businesses become more transparent to customers who provide consent to companies to use their information, while non-compliant companies may be viewed in a negative light. In addition, customers now have the right to remove their data or transfer it to a competitor – pledging loyalty to another brand. Vendors will not be able to confine data from competition or conceal compromised information from consumers. Organizations that openly stress their GDPR compliance will maintain customer loyalty and are likely to attract more business.

  1. Increased confidence in cybersecurity management.

Many data breaches happen because of human error. These small mistakes can turn into costly catastrophes. The GDPR mandates that an official Data Protection Officer (DPO) be on duty for all EU companies that collect and process personal data. DPOs have many responsibilities, including training data processing teams, conducting audits and educating employees on compliance requirements. These measures will help reduce data breaches and increase cybersecurity.

 

Stand Out in the Race to GDPR Compliance

Companies that will stand out in the race to become GDPR-compliant are staying focused and seeking help. Risk assessments can help organizations identify vulnerabilities and manage risks. Governance in place – updated policies and notices, program and application ownerships, and processes to address forgotten inquiries – will assist in fixing specific gaps and completing a data inventory. Ensuring that your vendors also meet GDPR requirements is vital for ongoing, successful compliance.

KEYWORDS: GDPR; security compliance international security privacy security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Cal Slemp is a Managing Director of Protiviti.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Security newswire default

    Many Global Executives Don't Believe GDPR Compliance is Relevant to Their Business

    See More
  • Cybersecurity image

    To overcome compliance challenges, financial institutions must look beyond ZTNA

    See More
  • AI-cyber

    Beyond Business Intelligence – Using AI to Gain Sharper Insights From Your Loss Prevention Data

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing