You’re Not Ready for GDPR, but Don't Panic

security leadership responsive default security

June 13, 2018

The EU’s General Data Protection Regulation (GDPR) is an important piece of legislation, yet even with the passed deadline, some organizations are still underprepared.

The industries most affected will be those that collect large amounts of customer data, including technology companies, retailers, healthcare providers, insurers and banks.

As of April, according to a CompTIA study, "A full 52 percent of 400 U.S. companies surveyed are either still exploring the applicability of GDPR to their business; have determined that GDPR is not a requirement for their business; or are unsure."

GDPR is a new set of rules designed to give EU citizens more control over their personal data. The reforms, which have been in the making for a few years now, brings laws and obligations around personal data, privacy and consent, to protect citizens.

Data breaches happen every day: Information gets lost, stolen or released into the hands of people who were never intended to see it.

Under the terms of GDPR, organizations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners, or face penalties for not doing so.

If you haven't prepared, don't worry. There's still things that you can do today to be in compliance.

Get senior management on board and create a steering committee.
Hire a data protection officer to comply with the legislation.
Work with your legal team to determine what the regulation means, and how it should be interpreted with your country's law.
Do a risk and gap analysis, which includes reviewing all contracts.

The good news is that advanced PIAM solutions bridge the gap between policy and process by employing policy-based automation, deep systems integration and strong auditing capabilities to help organizations comply with the main requirements of GDPR more effectively and efficiently, enabling them to do business in Europe or with EU citizens without fear of incurring fines or other penalties.

Back to the Basics: Privileged Access Management

With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority (Gartner puts it at the top of their “Top Security Projects” list for 2 years in a row). But where do you start? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?

Demystifying IoT and Its Impact on the Security Professional

The term “Internet of Things” is becoming increasingly common in the vocabulary of IT and physical security professionals. While IoT may seem like a foreign concept, it’s probably more familiar than you realize. Of the 17.5 million petabytes of data generated by IoT applications, 84% comes from video surveillance! Additional IoT data is generated by integrated security sensors, access control systems and other physical security applications.

Poll

Mass Notification

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2019 May

Our May issue cover article features “How SOCS Help in Training Security Professionals”.

Also in May, license plate reader technology is on the rise. How can LPR technology secure perimeters and lessen cybersecurity threats? And discover "How to meet the Growing Demand for Cybersecurity Professionals".

View More Subscribe