The General Data Protection Regulation (GDPR) is packet of rules to harmonize data protection laws in the EU. It will bring better transparency and will help to support the rights of individuals in the growing digital economy.
The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the EU, or that collect and analyze data tied to EU residents. Even organizations outside Europe need to be compliant, or otherwise face significant penalties.
Primary Objective of GDPR is to give citizens back control of their personal data!
It is important to note that the GDPR is a regulation and not a directive! This means that it is directly applicable in all EU member states from May 2018. A directive only directs member states to implement ruling, but does not enforce.
Any organizations spend billions on security solutions to protect data, block malware and keep critical business processes operating, yet most companies are still prone to evolving dangerous cyber-attacks.
Our approach is to help you measure how prepared (or not) your systems are and provide with the assurance your security perimeter is working properly, by exposing where your weaknesses reside in your infrastructure.
Our team members are highly proficient & well informed of the most up-to-date technology used in cyber simulation as well as shrewd enough to mimic the latest and most sophisticated cyber-attacks.
- People Security: Solutions ranging from identity and access management to single sign-on self-service, through governance and compliance, authentication and authorization systems
- Software Security: Dedicated security for APP & IT environments through API management, audit, patching and configuration technologies, application performance, etc…
- Data Security: Cryptography and data masking solutions become the most important technological pillar alongside solutions for controlling user privileges
The GDPR will transform the CyberSecurity concept. Privacy & Data Protection is a right for anyone!
The European General Data Protection Regulation will effectively will be in force by end of May 2018. Companies operating on European territory must prepare themselves to reach the point by that date
Are companies really ready? As follow, I will try to summarize challenges they will have to face and what kind of investments they have to start to “put in place” GDPR Rules
The level of preparation for the challenges introduced by the GDPR, obviously varies from company to company, depending not only on the size but also on the previous level of Data Protection they already put on field.
Generally speaking, companies would not like to spend money and effort about Data Security; they prefer to concentrate efforts and resources on business growth, sale of products and services. However, security is an aspects that now have to be considered in company strategies, especially after the great revolution introduced by the digitalization and IoT & NFV.
In fact, this digital transformation widely open the operation market for any companies, it creates new ways to the growth & internationalization to conquest broader market share. Of course, it has also amplified cyber threats and hacker attacks on companies, literally “destroying” some brands.
In 2016, more than 4 billion records (of corporate databases) “pierced” by threats & attacks that mainly concerned personal data and people’s access credentials
[Kitch cites the latest Verizon report “Data Breach Investigations Report, 2017” – Ed.]
The positive side of this scenario, is that the increase of threats and attacks raises the need for protection. If we look specifically at GDPR, we can say that many companies are not yet ready to deal adequately with the Regulation, especially small and medium-sized. Enterprise-level companies are a little more accustomed about be compliance with regulations & budget strategy to achieve it, perhaps because they understand better all connected problems to thread and data intrusion… What I mean is that companies (especially large ones) have already adopted an internal hard security to protect their databases: firewalls, anti-intrusion systems, network segmentation & data loss prevention. This with the aim of blocking direct access to company databases.
Based on what above, we can say that the GDPR not only will cover an old problem about security regulation but it will also open new business possibilities for all IT companies.
Furthermore, thinking about the V-RAN, the new technologies on Mobile World, this rules will become even more important. In fact, any threat to the V-RAN could simply tip the balance in the benchmarking between competitors, grow churn between mobile operators, creates big money impacts to MNO, …
This would perhaps add the right weight which we need, and which is lacking, in order to tip the balance in favour of more comprehensive security rules & procedures.
Based on this, we need to invest far more in R&D – and this applies to the next few budgets too – if the second generation is to become a reality in the shortest possible time and tip the balance decisively in favour of a cleaner environment