CYBER EXPO BLOG
WHAT HAVE ELEPHANTS GOT TO DO WITH GDPR?
- The African Elephant
- The Indian Elephant
- The European Elephant
The EU Elephant, I hear you ask…? Are elephants natural inhabitants of Europe?
That would be “General Data Protection Regulation” (GDPR) – without doubt the Elephant in every boardroom across Europe!
First things first, what is GDPR?
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU. It sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue based. GDPR covers all companies that deal with the data of EU citizens, so it’s a critical regulation for corporate compliance officers at banks, insurers and other financial companies. GDPR will come into effect across the EU on May 25, 2018.
Speaking regularly with business executives across a wide spectrum, there are 3 common issues that keep emerging from individuals and companies alike:
- We know we need to do something but don’t know where to start
- We are “waiting to see what happens” before we do anything
- It’s all a bit “overwhelming”
The reality is that the legal framework will come into effect on May 25th 2018, which is only half a year away! Therefore, there is a requirement within the Irish market and Irish businesses to make sure we take the necessary actions required to achieve compliance by this time!
I thought it would be useful at this time to provide some practical advice… When asked “How do you eat an Elephant?”, the answer is “You break it down into edible chunks!”
Breaking GDPR down into edible chunks will make compliance a lot easier and a lot simpler to get your teeth into. There are a few things you can look at:
- Ensure the executive team are aware of the legislation
- Understand which parts of the legislation apply to them and the company
- Provide GDPR material for your team, to give them a better understanding
- Governance – Are there policies in place? Is there an audit capability? Is privacy built in by design?
- Data processing – What does your data lifecycle management look like? Do your current processes comply with GDPR? Do you need to adjust your processes to comply?
- Security – If there is a breach, what is the notification process? What IT/Data security systems are in place? Do you need extra data protection software to be compliant?
Planning is the most important aspect. With less than 6 months to go, planning will be essential. As the saying goes:
“Planning is bringing the future into the present, so you can do something about it now!” – Alan Lakein
Here are some things to consider in your planning for GDPR Compliance:
- Build Consensus and a Team
- Assess Risks and Create Awareness
- Clearly Design and Implement Operational Controls
- Maintain and Enhance Data Controls
- Ongoing Demonstration of Compliance
The truth is, GDPR is complex. The best advice I can give is to seek expert advice for meaningful interpretation and guidance. After all, when you are ill, you go to a doctor, and when looking at your tax affairs, you go to an accountant or trained professional.
Same story for GDPR: get help from a Cyber Security Professional!
Where can I go for advice and help?
Throughout the day, our exhibitors will be showcasing their latest technology for combating cybercrime, and our Re-sellers will be holding guidance sessions, giving you the opportunity to discover the cyber products and solutions that best suit your needs and offering advice on how to use and implement them.
Our industry-leading security experts will be sharing their insights and discussing the latest issues in the cyber space, and will also be holding 1-to-1 consultations to discuss and answer all your questions.
We have brought the whole Cyber Security Ecosystem together under 1 roof for this 1-day Expo, making data compliance easier than ever.
This is your opportunity to PREPARE and PLAN for GDPR. Don’t miss out!