GDPR and Privacy: How to Earn the Trust of Your Customers and Keep Regulators Happy

Customer data is the lifeblood of any organisation and the key to unlocking sales and growth. But the data you hold and how you use it is about to come under intense scrutiny, thanks to new European privacy rules. The EU General Data Protection Regulation (GDPR) is the biggest shake-up to the region’s laws in this area in almost a generation, introducing sweeping new rights for consumers and potentially onerous obligations for organisations. To avoid hefty fines, whilst retaining the trust of your customers and prospects, you’ll need to pay special attention to the new rules and make lasting changes…

With Less Than 100 Days to Go, How to Get C-Level Buy-in for GDPR Compliance

For GDPR compliance initiatives to work effectively, there has to be buy-in from the boardroom. That doesn’t just mean releasing the necessary funds to bolster efforts ahead of 25 May, but understanding the need for long-term cultural and process changes to the organisation in the years to follow. However, with less than 100 days to go until the compliance deadline, only a quarter (26 per cent) of European firms are fully compliant, according to Forrester. So how can you drive greater awareness at senior levels of your organisation? The good news is that new Centrify research suggests that the C-level…

4 Months to Go: A New Year GDPR Checklist

As we enter the New Year, IT and security leaders have most likely been glued to revelations of major new CPU-level vulnerabilities Meltdown and Spectre, described by researchers as among the “worst ever” discovered. However, there’s arguably an even more pressing concern, not just for IT but the entire organisation: GDPR compliance. There are now just over four months to get your house in order before the sweeping new EU regulation formally comes into force on 25 May. Regulators will be given the power to levy fines of up to 4% of global annual turnover or £17m, whichever is higher….

Six Months and Counting: How Standards and Frameworks Can Help GDPR Compliance

The theft of highly sensitive personal information on 57 million Uber drivers and customers in the Uber data breach — and its subsequent cover-up — is in many ways what the GDPR was invented for. Here is a multi-billion dollar US tech company that reportedly protected access to key data in the cloud by using just static log-ins. Not only did its data protection controls therefore fall short of the best practice “state-of-the-art” approach outlined in the GDPR, but the firm also failed to report the incident — something which would incur a fine of €10m (£8.9m) or 2% of…

NIS Directive Compliance: It’s Just as Important as the GDPR

IT security managers have had plenty on their plate this year co-ordinating compliance efforts in advance of the forthcoming EU General Data Protection Regulation (GDPR). But while the sweeping new privacy law has dominated the headlines for the past year or more, there’s another important piece of regulation on its way from Brussels, that will apply specifically to “operators of essential services” (OES). It’s known as the EU directive on the security of Networks and Information Systems (NIS). With the same huge fines of up to £17m or 4% of global annual turnover levied for non-compliance, it’s vital that you…