Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 24 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

GDPR compliance: six steps to make it happen

by The Gurus
August 8, 2017
in This Week's Gurus
Share on FacebookShare on Twitter

The deadline for GDPR compliance is now less than a year away. The regulation has become a major business concern for many companies, with good reason – one of the most publicised parts of the legislation is the threat of non-compliance fines up to 4 per cent of global revenues. That’s without mentioning the inestimable reputational damage that comes with it. Consumers are now more sensitive than ever to how their personal data is processed and protected.
Technology leaders like chief data officers (CDOs) and chief information officers (CIOs) must see this as an opportunity to take the lead in building compliance into company processes. They can help their companies achieve multiple benefits at the same time as appeasing the regulators.
The advantages are many and varied. From removing operational silos and creating more efficient internal processes to improving customer personalisation programmes, good data makes for a successful business. But you have to invest to make the most out of your information assets, and you have to develop a roadmap that will deliver value over time.
As a result, for the past decade many companies have seen the technological and financial barriers as too much. As one example of this specious thinking, why dedicate capex to a data management project if the business is already running smoothly? There is also a cultural barrier to overcome in many cases – getting control of your data often means changing the way a company works, which brings with it difficulties of its own.
Now the GDPR deadline may force the issue. With the C-suite more focused than ever on the importance of good data management, the CDO should take responsibility for making the company data-centric – and then help it reap the rewards.With that in mind, here are six points we consider could be important to help the business on its GDPR initiative journey.
 

  1. Don’t see GDPR as an enemy. Financial services companies are used to building many of their processes around regulation, but many other industries are not. Don’t be afraid of making the necessary changes – instead, treat them as a chance for competitive differentiation. Preparing for the GDPR can help businesses to get a good, in-depth understanding of the personal data they process. In that sense, compliance can be a benefit as well as a challenge: it might cut those who aren’t prepared for it, but it can give others plenty of valuable insights to drive growth and customer engagement.

 

  1. Plan your compliance programme carefully… The journey towards GDPR compliance is often a long one. Even if your company won’t have all the loose ends tied up by May 2018, it’s still important to be able to show regulators and stakeholders that you are intentional and serious about reaching compliance, and that you have control over your data.

 

  1. …and map out your data. For many, a good way to start on GDPR compliance is identifying how your organization processes personal information across its ecosystem, so you can appropriately process and effectively secure it if required. To do that, we think you’d want a clear view of your entire data landscape. Imagine it like a macro version of Where’s Wally – if you can only search part of the picture, you might find Oswald or Wenda, but you’re probably not going to find Wally. As a result, organisations may wish to consider automating the data discovery process. Manually sorting through the huge amounts of data involved often takes a lot longer than predicted, and as your data is evolving all the time, your insights will be stale almost as soon as you produce them. Automated data discovery and management can speed up the process and help you keep pace with shifting data inputs. And by generating a risk score for relevant data, organisations can understand how to start prioritising remedial activities.

 

  1. Involve the whole company. This isn’t just a problem for application developers: the whole company from the top down needs to be on board with making GDPR compliance and data-centricity a success. That means the CDO needs to ensure that senior stakeholders such as the CEO are involved and committed from the start, as they can help to unify the company around the single goal of achieving compliance. Also, don’t forget the legal aspects too – they’re a key part of protecting the company and can help you understand the scope of what’s required.

 

  1. Bring in the right external expertise. Technology alone is not enough for this task. It’s an accelerator for a GDPR initiative, but it’s only one part of the story. You also may need switched-on business consultancy to go hand-in-hand with it. Ultimately, companies may need to re-engineer their entire operational structure to accommodate GDPR, so they may need insightful strategic counsel to help them.

 

  1. Start now, not later. Finally, don’t forget that GDPR kicks in on May 2018. CDOs potentially face a long uphill task, so starting now is key. Like the proverbial bird, the company that starts early will catch the compliance worm and the market share that comes with it. The tools are available. Last year organisations could afford to theorise – we think now is the time for action.

 
Andrew Joss, head of industry consulting EMEA at Informatica

FacebookTweetLinkedIn
Tags: Compliancecybersecuritydatagdprsecurity
ShareTweet
Previous Post

The CIO will report to the CISO

Next Post

Vodafone Joins prpl Foundation to Spur Open-Source Innovation in the Digital Home and Smart Gateways

Recent News

The Journey to Secure Access Service Edge (SASE)

The Journey to Secure Access Service Edge (SASE)

September 22, 2023
WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023
'open' sign on window ledge

SME Cyber Security – Time for a New Approach?

September 21, 2023
Keeper Security Logo

Keeper Security Named a Market Leader in Privileged Access Management (PAM) by Enterprise Management Associates

September 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information