The EU’s General Data Protection Regulation (GDPR) is an important piece of legislation, yet even with the passed deadline, some organizations are still underprepared.

The industries most affected will be those that collect large amounts of customer data, including technology companies, retailers, healthcare providers, insurers and banks.

As of April, according to a CompTIA study, "A full 52 percent of 400 U.S. companies surveyed are either still exploring the applicability of GDPR to their business; have determined that GDPR is not a requirement for their business; or are unsure."

GDPR is a new set of rules designed to give EU citizens more control over their personal data. The reforms, which have been in the making for a few years now, brings laws and obligations around personal data, privacy and consent, to protect citizens.

Data breaches happen every day: Information gets lost, stolen or released into the hands of people who were never intended to see it.

Under the terms of GDPR, organizations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners, or face penalties for not doing so.

If you haven't prepared, don't worry. There's still things that you can do today to be in compliance.

Get senior management on board and create a steering committee.
Hire a data protection officer to comply with the legislation.
Work with your legal team to determine what the regulation means, and how it should be interpreted with your country's law.
Do a risk and gap analysis, which includes reviewing all contracts.

The good news is that advanced PIAM solutions bridge the gap between policy and process by employing policy-based automation, deep systems integration and strong auditing capabilities to help organizations comply with the main requirements of GDPR more effectively and efficiently, enabling them to do business in Europe or with EU citizens without fear of incurring fines or other penalties.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

You’re Not Ready for GDPR, but Don't Panic

Security Magazine

2020 December