SMEs in particular, face a significant challenge to correlate the output from various systems and interfaces. It is therefore important that the right tools are chosen to empower SMEs to meet these challenges says David Feldman.
May 2018 signals a watershed moment for data protection regulation which should be seen an opportunity for greater emphasis to be afforded to information security, and the processes that support this across organisations.
If GDPR had been in effect during the latest Uber hack, the ride-sharing company would have faced stiffed consequences - or more promptly revealed the attack that compromised data of 57 million customers and drivers.
There has been speculation about the impact of incoming GDPR on government schemes that monitise the data of citizens given to them for the delivery of a service, which is then sold on without the data owner's consent.
As the GDPR clock ticks down to implementation, it is clear that this will not be a non-event like the Millennium Bug - it will happen and there will be dire consequences, potentially company-closures, in the event of non-compliance.
GDPR: It's important to put data intelligence tools in place that will allow you not only to conduct an audit of the data you have collected in the past but also address compliance in the future says Rob Perry.
SMBs in the UK with operations or supply chain in the EU need to focus their attention on GDPR and security posture; there is a level of scrutiny around data management that many SMBs are unlikely to have experienced before.
GDPR - Process change is just the beginning, but more interestingly we will see new technologies and use-cases being born and blossom that we can't yet imagine says Todd Ruback.
Focus on the big picture of what GDPR and DPB are trying to achieve, and not the minutiae of a document.advises Marco Dos Santos.
Ahead of GDPR, even minor breaches are now being reported, with the UK government agency, the Homes and Communities agency, notifying the ICO of a limited breach of its information security policy on Monday 9 October.
Under GDPR, organisations must notify customers and authorities of a breach within 72 hours of becoming aware of the attack. James Barrett suggests this will transform how breaches are handled, including by companies like Equifax.
Using machine data to monitor staff behaviours can identify potential PII breaches before they happen and avoid the huge fines that would follow once GDPR comes into effect says Matthias Maier
GDPR is built on the assumption that people are better prepared than they are, so we will fail to comply, therefore take a risk-based approach and focus on the things that matter.
GDPR calls for a documented, systematic approach to evaluating your security measures - including how you patch, but patching Open Source code has its own problems explains Matthew Jacobs and Daniel Hedley.
The Information Security Forum (ISF) has released the GDPR Implementation Guide, which offers organisations a two-phase walkthrough to prepare for and implement a GDPR compliance programme.
Itay Glick runs through some of the protections and their effectiveness against becoming not just the victim of a data breach, but also an early casualty of swinging GDPR fines.
Before you start looking at GDPR you need to understand what PII data you have, where it is, who has access, who it is shared with, and ultimately, how you can best manage it according to GDPR requirements says Julian Cook.
Implementation of GDPR could potentially spell the end of almost one in five European businesses says Petter Nordwall, particularly if regulators come out swinging and impose maximum fines for data breaches.
With increasing reliance on cloud applications, businesses must start taking the issue of security in the cloud seriously. They must start asking the right questions about the service providers they are looking at says Joe Pindar
In our connected society, securing the network "hive" is very much a team effort. Only by assessing and defining the landscape in the first instance can a successful security strategy be put in place says Russell Crampin
Today second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, "We have recently been subject to an online security breach."
In Case You Missed It: Skills gap real? Mirai hits DT; GDPR ignored; £14.5m cyber-centre; ApplePay vulnerable to two threats
New research from Veritas says only two percent of organisations actually appear to be in compliance with the GDPR, revealing a distinct misunderstanding over regulation readiness.
Companies are likely to be closed down by swinging EU penalty fines next year given the failure of the C-Suite to prepare for GDPR despite rising breaches in the retail sector.
Richard Whomes looks at how companies must ensure that they can access and view data across the entire IT estate, to comply with the EU GDPR.
Riashmi Knowles discusses how communication, or lack of, is the blight of the security industry.
The GDPR klaxon rings: Germany becomes the first country to pass the GDPR through its legislative process, as Lords in the UK release a report on what post-Brexit GDPR will look like.
Gordon Morrison discusses how GDPR is a once in a lifetime opportunity to overhaul cyber processes.
Steven Kenny discusses why cyber-security across the entire supply chain is key for organisations in ensuring GDPR challenges are met.