Are you prepared for the GDPR?

Publish date:

The general issue lies with anyone with justified and managed access to process data, for its purpose, since that’s the business need and actual reason for the data existing in the first place.

Historically, it has been argued that end users must be involved for a proper security-awareness posture to work – “don’t open attachments,” “don’t click on links,” “don’t print something without getting it from the printer,” “don’t speak in public about sensitive matters,” – i.e., the situation that some of our clients still find themselves in today. We can implement all available technical measures in terms of anti-malware, web filtering, RFID to print, but at the end of the day, we still rely on peoples’ awareness of how sensitive the information is. And, to be honest, making people aware and encouraging them to respect trade secrets is not that hard.

Neither is making the majority of them instinctively careful with email content (although “ransomware” through email with required user interaction is still “effective”). But what about the basic information that is used by millions every hour of every day – personal data?

We can identify all personal data that is processed and stored; all the business processes that are involved; all the applications and systems that are used to support, information minimization, automatic deletion routines, etc. The general issue lies with anyone with justified and managed access to process data, for its purpose, since that’s the business need and actual reason for the data existing in the first place.

Ultimately, we must do everything we can to ensure that we are compliant with the GDPR, including full SLDC with privacy/security-by-design and privacy-by-default. However, we also need to spend more time than ever on awareness. If the requirements are not truly understood by everyone, the personal data on any system can be breached.

We surveyed 1,000 executives and 6,000 consumers across eight markets to explore attitudes to, readiness for, and the opportunities of the GDPR. Download the report to read the complete findings: Seizing the GDPR advantage.

 

 

 

Related Posts

Cloud Security

Cloud security is not too different

Roy Samson
Date icon August 13, 2018

Take a closer look at your current security options before investing in new ones.

Cybersecurity

IAM DevOps in Capgemini

Terence Stamp
Date icon August 10, 2018

The Agile methodology has been gaining traction in its adoption throughout the business world. ...

Cybersecurity

Capgemini presents Next Generation Security Operation Center

Christer Jansson
Date icon June 14, 2018

Next generation security operation centers (SOCs) resolve the need for cybersecurity skills and...

cookies.

By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.

Close

Close cookie information