Source: Infosecurity Magazine
03 Jul 2018
As you’ve discovered if you’ve been wading through GDPR preparations for the past year or so, this is not a set-it-and-forget it regulation. With its focus on individual data privacy rights, it represents an ongoing commitment to protecting sensitive data, providing data subjects with access and control over their information, and continuously monitoring and improving all parts of the data ecosystem.
The GDPR affects any organization that handles the personal data of European Union (EU) residents, regardless of where it is processed. The rules add another layer of complexity, not to mention potential cost and associated resources, to the issue of critical information asset management that so many organizations are already struggling to address.
However, organizations will benefit from the uniformity introduced by the reform and will evade having to circumnavigate the current array of often-contradictory national data protection laws. There will also be worldwide benefits as countries in other regions are dedicating more attention to the defense of mission-critical assets.
At the Information Security Forum (ISF), we believe that the GDPR has the potential to serve as a healthy, scalable and exportable regime that could become an international benchmark.
Leading organizations are looking beyond compliance, by extending the breadth of GDPR compliance programs to leverage additional benefits. Examples include:Read Full Article