GDPR is coming into play in May 2018, but a lot of companies remain unprepared, which could have implications on how they process data.
The post 10 ways to prepare your organization for GDPR appeared first on WeLiveSecurity
Tag Archives: gdpr
Panda Security’s GDPR Preparation Guide Helps Ease the Transition to the New Regulation
There’s a new challenge that lies ahead for businesses that have operations within the European Union. The new General Data Protection Regulation came into effect on 25 May, 2016, and will begin to be enforced 25 May, 2018.
With the focus on protecting the fundamental rights and freedoms of natural persons and their right to the protection of personal data, the regulation establishes obligations and advantages both for private entities and public administrations.
Panda Security’s “Preparation Guide to the New European General Data Protection Regulation” introduces the new legislation to businesses before its application in 2018. Disregarding the application of the GDPR could lead to costly administration fines of up to 20,000,000 euros.
Panda’s objective is to address the need to adapt data security practices and thereby give its clients a competitive advantage.
How will the GDPR affect businesses?
One of the main points of the white paper is that taking action only when an infringement has already occurred is insufficient as a strategy, since such a failure can cause irreversible damage to interested parties and can be very difficult to compensate.
Here are some sanctions and other potential problems stemming from non-compliance with the GDPR:
- Direct or indirect economic repercussions. These could result from security incidents coming from outside the company or from a company’s own employees and collaborators.
- PR damages. Damages to your reputation could result from security incidents not properly being reported to the public.
- The loss of current or potential clients may occur when the company is unable to demonstrate that it is in compliance with the regulation.
- The risk of data-processing limits or bans imposed by data protection audits, which could affect the normal functioning of a company.
- The possible suspension of your service for your clients, which could induce them to leave your service or even take legal action.
- Reparations that interested parties will have the right to claim in case of infringement.
- Costly administration fines that could reach up to 20,000,000€ or 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.
Panda Security, a partner in compliance with the new law
For organizations dealing with data, prevention is the core element of the regulation. We underscore the importance of working with vision and anticipation as a competitive advantage in business strategy.
Businesses that have put their trust in Adaptive Defense are already well on their way to complying with the GDPR. It offers:
- Prevention: Adaptive Defense features an internal audit system to verify the security status of the IT infrastructure at any given time, even before the solution is deployed. In the implementation of the action plan for compliance with the GDPR, it proves to be an invaluable tool.
- Protection of personal data processed on a business’s systems, stopping, for example, any untrusted process from running.
- Risk reduction, key activity indicators, and endpoint status, which helps to establish security protocols.
- Tools to satisfy the requirement to notify authorities of security incidents within the first 72 hours after a breach·
- Control mechanisms and data management for the DPO, who will be notified in real time not only of security incidents, but also whether or not these incidents involve compromised personal data files.
The post Panda Security’s GDPR Preparation Guide Helps Ease the Transition to the New Regulation appeared first on Panda Security Mediacenter.
Is GDPR good or bad news for business?
The General Data Protection Regulation (GDPR), the biggest reform of privacy legislation for 20 years, will come into effect on May 25, 2018, bringing with it major changes to Europe’s privacy laws.
The post Is GDPR good or bad news for business? appeared first on WeLiveSecurity
GDPR: Enabling Digital Transformation in the EU
There is a growing amount of personal information and data available on the internet that is accessible to an infinite number of businesses and organizations. In regard to this, there is something we must keep in mind: GDPR.
The General Data Protection Regulation (GDPR) affects all businesses in the European Union. It also affects businesses that offer services to EU citizens, monitor their behavior, or obligate them to give information extracted from data processors.
But, what will happen to the IT security sector once the BREXIT is in full swing?
The GDPR and Cybersecurity Post-Brexit
Two facts influenced the title of this article:
- Businesses are currently immersed in a technological revolution. Cybersecurity has opened the door for Digital Transformation. In fact, 43% of company heads consider that security should be the first priority when implementing Digital Transformation. IT security is a true business value because businesses cannot be digital without first protecting themselves.
- The Brexit: It is impossible to ignore the strong influence that the UK has had on the EU, especially in the cybersecurity sector. We cannot disregard the level of paternity that the UK has had in regards to cybersecurity laws, which mostly come from the European Convention on Human Rights (a humorous example of this can be seen in this Monty Python remake).
When summarizing the GDPR, there are three main points to keep in mind:
1- The baseline scenario for most organizations and companies larger than 250 employees in the EU: institutions who have successfully empowered employees with business silo information, who have implemented Big Data tools, and generated trillions of data files from productivity tools.
2- To fix the IT problem we need to take back control of the distributed information silo and comply with rules 12-21 of the GDPR (clear ownership, custodian and new specific accesses like the right to be forgotten, serious and proactive reporting of all data leakage and manipulation incidents, etc.) while satisfying the growing demand for digital transformation. This suggests that there is a greater distribution of business data that is both quick and automatic.
3- Lastly, we must place some importance on some of the technologies that have been implemented and personalized in different companies (Spain) over the last two years. The results have been positive with a different operational impact deriving from the GDPR based on intelligent threat platforms like Panda Adaptive Defense 360.
The future of GDPR after the BREXIT
These changes should be in full swing by mid-2018. It is uncertain how to anticipate the GDPR changes, especially when it comes to implementing operational changes related to cross-border data transfer. We hope this information is useful for people in IT roles who are up against similar situations. We will continue to look over the current regulations and wait for GDPR updates following the BREXIT. Stay tuned!
Author: Salvador Sánchez Taboada https://www.linkedin.com/in/salvadorsanchez/es
The post GDPR: Enabling Digital Transformation in the EU appeared first on Panda Security Mediacenter.