2017 has heralded an intensification of speculation and opinion regarding GDPR, and Google searches in this area have been steadily rising over the past few months. This is hardly surprising given that the stakes are high for businesses facing huge fines. Come May 2018, if they either fail to report a data breach of personally identifiable data within 72 hours, or are unable to demonstrate that their data governance systems and operations are sufficiently equipped to mitigate the risk that data poses. What is more surprising, perhaps, is the emphasis upon the difficulties businesses are facing with getting their houses in order, rather than upon the timely intervention of this new regulation. GDPR replaces the out-dated Data Protection Act, acting on behalf of consumers whose personal information is now gathered and held as a matter of course by the organisations they engage with online.
At times, we’ve felt slightly out of kilter with the majority. We see much to celebrate in GDPR. Yes, we recognise that for small, medium and especially large business it’s a BIG JOB, but it’s one that’s important, has benefits for us as consumers and presents businesses with opportunities for development. Rather than fearing it, we find the opportunities it presents us, and our clients with, refreshing.
Here are our top 5 reasons to welcome GDPR
1. GDPR is about safeguarding our data
How many times have we handed over our sensitive and personal information to businesses and organisations? We’re all customers, owners and guardians of information. Never before have we had to trust so many strangers – and never have we been trusted by so many strangers. We’re all in it together!
2. GDPR raises the profile of security
It’s a great way to promote security in organisations and businesses. At last, the beleaguered CISO can be pretty sure the board will listen, and more than that, take them seriously. Everyone needs to raise their level of awareness and everyone will have to take responsibility for their behaviours and processes. How long has that been a cherished dream?!
3. GDPR means we have to collaborate
It’s an opportunity to galvanise every department into taking a holistic approach to security, and it requires cross-departmental collaboration. As data assets are passed between departments, everyone must work together to protect it.
4. GDPR means we’ll become more secure
It creates a focus and an impetus for good data governance processes. It’s an opportunity to take stock, review policies and processes, and get our houses in order. That’s good for everyone!
5. GDPR is an opportunity to develop security culture
It encourages the development of a strong, proactive security culture through conversations about our values and how we do things around here. People will have to talk about what matters to them and how their actions demonstrate that. New staff will need to learn secure processes and why we follow them.
Businesses are required, by this regulation, to show that they respect and recognise the vulnerability of the people behind the data they collect. Big fines focus the minds of company CEOs, but beyond the concern, there’s a challenge: to restore trust and integrity in the systems that manage the most valuable commodity we have as individuals, our personal identifiable information.
Layer 8 is currently working with organisations in their preparations for GDPR, with focussing on strengthening the human factor.
Join Layer 8 for the GDPR – A Hands-On Approach webinar, 9.30-10.30am, 25 January 2018. Register now