Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 31 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The Five Myths Of GDPR.

by The Gurus
November 12, 2019
in Data Protection
iland logo
Share on FacebookShare on Twitter

By Frank Krieger, Vice-President, Governance, Risk and Compliance, iland

May 2019 will mark the first anniversary of the General Data Protection Regulation (GDPR), and early numbers make clear that its implementation has been a success as a breach notification law. As such, GDPR has affected multiple aspects of a business. It has created increased requirements for businesses to deal with issues such as security, compliance, data ownership, training and data management. The new regulation will require, for many of businesses, a fundamental change to their internal processes and ongoing focus on compliance.

There are several myths around who manages data inside an organisation which have been challenged as a result of GDPR regulations. From the shift from an IT-centric to a business process owner model, to educating internal teams and reviewing tools, here are the top five myths around management of data that GDPR effectively busted.

Data Management is an IT function

Data management used to be solely an IT function but, since GDPR came into force, organisations have been increasingly realising the criticality and value of their data assets. This is why the data management function has become a business and IT function. It requires a full commitment by every organisation to build data protection into its culture and all aspects of its operations, from support through accounting to product development. The GDPR is not specific to just IT, it must permeate all aspects of the organisation to ensure a culture of data privacy is built.

Business organisations have always been familiar with data management

Since the new regulation made data management a business, not just an IT, concern, awareness around GDPR needed to be expanded to different departments in an organisation. Many parts of business organisations were not familiar with data management and had to be trained and managed around the issue. However, a recent paper by Osterman Research showed that only 42 per cent of organisations have trained their employees around data management and GDPR, meaning that 58 per cent left their employees in the dark.

All departments understand how to manage and control data

As mentioned above, data management used to be exclusively an IT function and IT teams had a good understanding of the way data should be managed and control. Those in business functions tended to accumulate data and lacked access control, putting at that data at risk. Today, the responsibility for compliance is shared across the different functions. Non-IT employees cannot simply close their eyes to the risks they take when handling their company’s data. Raising awareness is crucial to prevent data breaches and impacts on the organisation’s finances and reputation.

GDPR isn’t relevant for everyone

Departments have been affected in different ways and to different degrees: some have been living and breathing the regulation for several years, for others it may be new. But being data protection-aware is no longer optional, it’s critical and regulated. An ongoing continuous programme of education – from induction through regular refresher sessions – is essential. This helps make data awareness relevant for everyone from the Chairman of the Board to the customer service team and beyond.

Data protection stops at the organisation’s perimeter

Suddenly, businesses realised that they were responsible not just for their own data protection compliance, but that of all the links in their supply chain. Cloud computing is a case in point where IT and business managers realised that their CSP needed to be just as compliant as they were in order to avoid a huge security gap. From client-supplier, the relationship shifted to that of a collaborative security partnership as the degree of trust and diligence needed between parties escalated.

From myth to reality

Overall, the understanding of the value and risks around personal data had to be propagated through organisations and actively monitored. GDPR didn’t act as a reminder of what ought to be done, but instead as a proper new regulation. It has changed how organisations collect and manage data and personal information, busting the myth that data management lived in the IT department silo and making it relevant for everyone. That has required extensive investment in people and tools to oversee, and a re-evaluation of business relationships with suppliers and customers alike.

FacebookTweetLinkedIn
Share2TweetShare
Previous Post

Forcepoint Names John Sorensen As Vice President Of Global Sales Strategy And Execution.

Next Post

Hackers Paradise:The Dark Web And Growing Cyberattacks On Businesses.

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information