On May 25, the General Data Protection Regulation will bring sweeping changes to data security in the European Union. If your organisation collects personal data or behavioural information from anyone in an EU country, it’s subject to GDPR requirements.
However, due to the complexity of the legislation and the fact that not all the details have been finalized, the readiness of companies is quite varied.
While GDPR is everywhere in security and privacy news these days, too many organizations have underestimated the workload required and failed to allocate accountability and resources adequately. Some others have assessed it as an IT/ICT or security department concern, when the understanding of value, along with why and how personal data is processed, sits within the business functions.
Wherever your organization stands on its path to readiness, this white paper from (ISC)² will help you better understand GDPR and your company’s compliance obligations.
Download the document for insights as you prepare, including the steps to put a plan in place.