Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The BC/DR Impact of GDPR

by The Gurus
January 5, 2017
in This Week's Gurus
Share on FacebookShare on Twitter

Soon to be enacted across the European Union, the General Data Protection Regulation – better known as GDPR – has caused no end of concern among CIOs.
Although it represents good news for consumers, from a business perspective, things aren’t quite so simple. While the regulation will be helpful in making it easier and more cost effective for cloud providers to offer pan-EU solutions, as well as making customers feel safer in entrusting valuable data to third-parties, GDPR is likely to have serious implications for Europe’s approach to disaster recovery (DR) and business continuity (BC).
For a start, there is a significant difference between the current DR directives and the rules set out by GDPR. Its introduction will necessitate a hefty cultural shift, not only in the management of technology but in the way people operate and the processes put in place.
The regulation will impact any business, whether based in the EU or not, that holds the personal data of EU citizens. Moreover, the definition of ‘personal data’ is broad and could change as consumers continue to expand their online presence. Ultimately, it means that not only must organisations intensify their data protection efforts, they must do so for a large volume of data. In turn, organisations will need to extend their BC/DR efforts to cover this greater remit.
And, as the pressure rises, so too do the stakes. GDPR is driven by two serious threats: reputational damage and monetary fines. Although you could argue that the former has always existed – with plenty of organisations having endured serious backlash from consumers following a data breach – the idea of financial penalties is new. Organisations who fail to properly protect customer data can be fined up to a maximum of €20m or four per cent of their total worldwide annual turnover, whichever is higher.  A high price to pay for ennui or delay!
To manage these changes, it will be mandatory for businesses of over 250 employees to appoint a Data Protection Officer (DPO). From training staff on how to handle customer data through to keeping track of all data within the organisation, the DPO role will need to take a granular approach to the backup and archiving of critical data. Furthermore, to comply with GDPR rules such as ‘the right to be forgotten’, DPOs will be expected to know, with pinpoint accuracy, where any set of customer data is at any given time; an exceptionally difficult task when you consider that a lot of customer data doesn’t even make it onto the organisation’s central server.
As a DPO, it would be your job to root out this data, ensure it is adequately protected, suitably encrypted, and included in all BC/DR initiatives.
With less than 19 months before the rule is enforced, the clock is well and truly ticking. With today’s complex IT environments and cloud deployments, BC/DR processes are already challenging and the GDPR ruling means that complexity will only become more acute and the need to test all processes well in advance is a must. Organisations need to be certain that in the event of an issue, they will be able to remain complaint with the regulation – even when operating with diminished resources. Having everything in place is likely to require multiple invocation tests as well as serious investment – in time and planning not just funds. All in all, preparation is likely to take over a year – meaning there is little room for error when it comes to laying the groundwork for GDPR compliance.
Attaining GDPR will not be easy.  It will not be quick. However, with the risk of such severe financial, operational – and likely reputational – penalties, it is an issue to which organisations must begin to direct their full attention. Today!

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Ignoring Open Source Components is Making Security Software Insecure

Next Post

New Hampshire Health Agency reports data breach

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information