The EU’s General Data Protection Regulation (GDPR), which was implemented in May, hasn’t been an afterthought for North American companies. If you transact online with anyone in the EU, you’re subject to GDPR’s rules. This means that global organizations of all sizes have had to reassess how they manage and secure their data.
Understanding and complying with data protection legislation should be a major focus for all organizations as we head into 2019. The results of noncompliance are severe enough to do serious long-term damage.
“This is the No. 1 cybersecurity point to call out,” said Brad Puckett, Global Knowledge global portfolio director of cybersecurity. “The implications of the possible fines are staggering, both monetarily and brand-wise.”
IDC predicts that a lack of attention to GDPR principles will “likely be the undoing of at least one large organization by 2022.”3
To limit noncompliance with the law, organizations should invest more in IT security and data management. Cybersecurity professionals in particular need an understanding of the entire data environment, including data both on-premise and in the cloud.