We are in the midst of one of the coldest winters on record here in the Northeast. But the real big privacy and security chill is happening all around the world.
For all you Game of Thrones fans, winter is coming quite figuratively — if not literally — as companies begin to face the reality that the European Union’s General Data Protection Regulation (GDPR) deadline is almost upon us.
By May of this year, all companies holding European citizen data must be compliant. However, most — if not all — organizations, big and small, are not adequately prepared.
Compliance Advice for 2018
All of this is set in the context of the seemingly never-ending data breaches in 2017.
Those breaches exposed the sensitive, personal data of hundreds of millions of people, but also affected the companies in question with billions of dollars lost in market value as a result. Equifax, Deloitte, Yahoo — the list goes on and on.
What’s clear is no organization is breach-proof. Cybercrime is on the rise, and every company is vulnerable. Winter is truly coming — in fact, it’s already here. So what can we do about it?
Understand that Data May Be Your Most Valuable Asset
This is a large part of the reason cybercrime and breaches are on the rise. We’ve heard of data as the “new oil” in our digital economy, but another analogy I heard recently which resonated even more was data as “electricity.”
Data powers our companies and fuels our productivity, but it can also shock or hurt us. Imagine the impact to our businesses if it was turned off. By taking proper precautions to build in safeguards, we can not only optimize our use of data to generate revenue, but we can also prevent harm or even calamity.
Tag Your Data
Only one third of enterprise organizations are tagging their data, according to a 2017 GDPR Self Assessment Benchmark Survey conducted by privacy and cybersecurity think tank, Centre for Information Policy Leadership (CIPL) and AvePoint.
How is that even possible? The companies that responded to this survey truly represent the best and brightest of leading privacy programs around the world. How is it possible that these mature companies with their excellent security and privacy programs are not doing the basics?
If you do nothing else to prepare your business for GDPR and ensure your cyber-posture, I would strongly recommend you implement automated metatagging so that you could truly understand risk across your business.
Check out the rest of this post here!
A teaser of our latest webinar on GDPR