11 Ways to Be More Secure and Compliant in 2018

We are in the midst of one of the coldest winters on record here in the Northeast. But the real big privacy and security chill is happening all around the world.

For all you Game of Thrones fans, winter is coming quite figuratively — if not literally — as companies begin to face the reality that the European Union’s General Data Protection Regulation (GDPR) deadline is almost upon us.

By May of this year, all companies holding European citizen data must be compliant. However, most — if not all — organizations, big and small, are not adequately prepared.

Compliance Advice for 2018

All of this is set in the context of the seemingly never-ending data breaches in 2017.

Those breaches exposed the sensitive, personal data of hundreds of millions of people, but also affected the companies in question with billions of dollars lost in market value as a result. Equifax, Deloitte, Yahoo — the list goes on and on.

What’s clear is no organization is breach-proof. Cybercrime is on the rise, and every company is vulnerable. Winter is truly coming — in fact, it’s already here. So what can we do about it?

Understand that Data May Be Your Most Valuable Asset

This is a large part of the reason cybercrime and breaches are on the rise. We’ve heard of data as the “new oil” in our digital economy, but another analogy I heard recently which resonated even more was data as “electricity.”

Data powers our companies and fuels our productivity, but it can also shock or hurt us. Imagine the impact to our businesses if it was turned off. By taking proper precautions to build in safeguards, we can not only optimize our use of data to generate revenue, but we can also prevent harm or even calamity.

Tag Your Data

Only one third of enterprise organizations are tagging their data, according to a 2017 GDPR Self Assessment Benchmark Survey conducted by privacy and cybersecurity think tank, Centre for Information Policy Leadership (CIPL) and AvePoint.

How is that even possible? The companies that responded to this survey truly represent the best and brightest of leading privacy programs around the world. How is it possible that these mature companies with their excellent security and privacy programs are not doing the basics?

If you do nothing else to prepare your business for GDPR and ensure your cyber-posture, I would strongly recommend you implement automated metatagging so that you could truly understand risk across your business.

Check out the rest of this post here!


A teaser of our latest webinar on GDPR

Dana S.

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise