Sponsored By

6 Actions That Made GDPR Real in 2019

In the wake of recent fines levied against British Airways, Marriott, and Facebook, companies are starting to take data privacy and security more seriously.

Steve Zurier

July 22, 2019

7 Slides

2019 may well be remembered as the year GDPR got real.

To be sure, July alone has been hopping, with hundreds of millions in fines and settlements being doled out in both the US and UK for violation of the European Union-issued General Data Protection Regulation, which went into effect May 25, 2018.

"I think as of now it's clear that GDPR is not an empty suit," says Nader Henein, a senior director analyst at Gartner who focuses on data privacy. "I think the regulators really want to see companies handling personal information more carefully. A lot of organizations were sitting on the fence, but I think these fines are starting to have an impact. A lot of multinationals are paying more attention."

Yet fines can't do it alone, adds Matt Radolec, head of security architecture and incident response at Varonis. Real change, he says, must come from all three parties: regulators, complaints and questions from consumers, and guidance from security practitioners.

"Let's build realistic security guidelines that are actionable and specific," Radolec says, pointing out that the Risk Management Framework (RMF) developed during the Obama years were very effective in raising awareness.

Here are six GDPR-related actions, in chronological order, that have turned heads during the first part of this year.  

 

About the Author(s)

Steve Zurier

Contributing Writer, Dark Reading

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights