Responsible Security and Responsible Disclosure: Why a VDP Matters
No organization has perfect security, so a VDP serves as one layer of many in a mature vulnerability management program. Learn about what a VDP…
A lot has happened since we last wrote about the EU’s General Data Protection Regulation (GDPR) and trends in data privacy. What were once seen as some of the most stringent data privacy regulations are quickly becoming the standard for data privacy worldwide. As the regulatory landscape continues to evolve, here’s what you need to know and seven steps you can take to prepare for what’s coming.
Fines for GDPR violations are steep, with two tiers of penalties that max out at the higher of €20M or 4% of global revenue. In addition, data subjects (the people whose data is processed) can seek compensation for damages.
According to a report by DLA Piper, between January 2020 and January 2021, data breach notifications under GDPR rose 19% while fines increased by 40%. This double-digit growth is expected to continue in the foreseeable future, driven by evolving regulations worldwide and increasing consumer awareness of their rights to data privacy.
Although companies' security perimeters expanded with the transition to remote work, the rules around data privacy did not change, making GDPR compliance even more complex. GDPR mandates that personal data be protected both in transit and at rest.
Data is in transit whenever you access it—whether that’s from a central office or a home office—while data at rest is any data being stored in the cloud, on a hard drive, or any other device. You need to ensure your company’s cybersecurity policy and practices are up to date with these developments and employees are trained appropriately to avoid data breaches.
The regulatory landscape continues to evolve worldwide. Countries such as India, China, Brazil, Singapore, and Australia, among others, are developing new privacy legislation or revisiting existing laws. Domestically, states within the US have enacted or are contemplating cybersecurity, data security, and data breach notification laws, as California did with the CCPA, to protect their citizens.
According to Gartner, by 2023, 65% of the world’s population will be covered by modern data privacy laws. This means companies that process or collect data flows will have to coordinate and comply with multiple regulatory frameworks and more stringent data protection standards, with a high cost for non-compliance.
Adhering to GDPR’s or any country’s data privacy standards is about more than taking the necessary safeguards; your company must also be able to demonstrate compliance. Here are some actions you can take to stay in compliance and be better prepared for what’s coming.
Requirements of the GDPR and other data privacy regulations continue to evolve, which presents challenges for organizations, especially since the requirements to become and remain compliant vary for each business. Learn how LogicGate can help you take the uncertainty out of data privacy compliance by centralizing and automating your data privacy processes as well as enhancing any of your existing processes.