DTX Manchester DTX Manchester
  • About Us
Wednesday, 20 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The Five Myths Of GDPR.

by The Gurus
November 12, 2019
in Data Protection
iland logo
Share on FacebookShare on Twitter

By Frank Krieger, Vice-President, Governance, Risk and Compliance, iland

May 2019 will mark the first anniversary of the General Data Protection Regulation (GDPR), and early numbers make clear that its implementation has been a success as a breach notification law. As such, GDPR has affected multiple aspects of a business. It has created increased requirements for businesses to deal with issues such as security, compliance, data ownership, training and data management. The new regulation will require, for many of businesses, a fundamental change to their internal processes and ongoing focus on compliance.

There are several myths around who manages data inside an organisation which have been challenged as a result of GDPR regulations. From the shift from an IT-centric to a business process owner model, to educating internal teams and reviewing tools, here are the top five myths around management of data that GDPR effectively busted.

Data Management is an IT function

Data management used to be solely an IT function but, since GDPR came into force, organisations have been increasingly realising the criticality and value of their data assets. This is why the data management function has become a business and IT function. It requires a full commitment by every organisation to build data protection into its culture and all aspects of its operations, from support through accounting to product development. The GDPR is not specific to just IT, it must permeate all aspects of the organisation to ensure a culture of data privacy is built.

Business organisations have always been familiar with data management

Since the new regulation made data management a business, not just an IT, concern, awareness around GDPR needed to be expanded to different departments in an organisation. Many parts of business organisations were not familiar with data management and had to be trained and managed around the issue. However, a recent paper by Osterman Research showed that only 42 per cent of organisations have trained their employees around data management and GDPR, meaning that 58 per cent left their employees in the dark.

All departments understand how to manage and control data

As mentioned above, data management used to be exclusively an IT function and IT teams had a good understanding of the way data should be managed and control. Those in business functions tended to accumulate data and lacked access control, putting at that data at risk. Today, the responsibility for compliance is shared across the different functions. Non-IT employees cannot simply close their eyes to the risks they take when handling their company’s data. Raising awareness is crucial to prevent data breaches and impacts on the organisation’s finances and reputation.

GDPR isn’t relevant for everyone

Departments have been affected in different ways and to different degrees: some have been living and breathing the regulation for several years, for others it may be new. But being data protection-aware is no longer optional, it’s critical and regulated. An ongoing continuous programme of education – from induction through regular refresher sessions – is essential. This helps make data awareness relevant for everyone from the Chairman of the Board to the customer service team and beyond.

Data protection stops at the organisation’s perimeter

Suddenly, businesses realised that they were responsible not just for their own data protection compliance, but that of all the links in their supply chain. Cloud computing is a case in point where IT and business managers realised that their CSP needed to be just as compliant as they were in order to avoid a huge security gap. From client-supplier, the relationship shifted to that of a collaborative security partnership as the degree of trust and diligence needed between parties escalated.

From myth to reality

Overall, the understanding of the value and risks around personal data had to be propagated through organisations and actively monitored. GDPR didn’t act as a reminder of what ought to be done, but instead as a proper new regulation. It has changed how organisations collect and manage data and personal information, busting the myth that data management lived in the IT department silo and making it relevant for everyone. That has required extensive investment in people and tools to oversee, and a re-evaluation of business relationships with suppliers and customers alike.

FacebookTweetLinkedIn
Share2TweetShare
Previous Post

Forcepoint Names John Sorensen As Vice President Of Global Sales Strategy And Execution.

Next Post

Hackers Paradise:The Dark Web And Growing Cyberattacks On Businesses.

Recent News

View from the back of an aeroplane aisle.

Airline Passenger Data Stolen by Hackers

January 20, 2021
iPhone X/11, open Mail application with empty inbox. To the left of the phone is a green plant.

Emails exposed to SolarWinds Hackers

January 20, 2021
Money signs

Covid-19 and Brexit result in 70% of UK financial firms suffering cyber-attacks

January 20, 2021
Camera lense

1.4 million Pixlr user records shared on hacker forum

January 20, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept