Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Security Journal Authors: James Carlini, John Walsh, Pat Romanski, Elizabeth White, Mehdi Daoudi

Related Topics: Cloud Computing, Security Journal, Big Data on Ulitzer

Blog Post

Is Your Company Ready for the General Data Protection Regulation? | @CloudExpo #Cloud #Security #Analytics

The world is now on the brink of what could be called the Y2K bug of data privacy – the EU’s General Data Protection Regulation

Is Your Company Ready for the General Data Protection Regulation?

Remember the Y2K bug, the computer coding flaw that was predicted to cause global havoc when the two-digit dates embedded in software rolled over from 1999 to 2000? After organizations around the world spent a year checking and upgrading their systems to deal with the issue, few major problems ended up occurring.

The world is now on the brink of what could be called the Y2K bug of data privacy - the European Union's General Data Protection Regulation (GDPR), tough rules that require companies to be more transparent about the information they collect on individuals and how it is used.

GDPR's impact reaches beyond Europe because it covers any company with data about European Union citizens on its servers. Are you a U.S. bank with a subsidiary in Europe or a retailer with online customers on the continent? GDPR applies to you.

GDPR replaces the 1990s-era Data Protection Directive 95/46/EC and institutes new obligations on matters such as data use consent, data anonymization, breach notification, trans-border data transfers and appointment of data protection officers.

It covers any information that can be used to directly or indirectly identify a person - a name, a photo, an email address, financial details, posts on social networking sites, medical information or a computer IP address.

The EU Parliament approved GDPR after four years of debate in April 2016, but the big Y2K-like date on the horizon is May 25, 2018. That's when GDPR becomes enforceable with fines of up to 4 percent of a company's annual worldwide revenue or €20 million, whichever is greater.

Organizations can adopt one of two strategies in reaction to GDPR: Hope that the regulation is all bark and no bite and the EU really won't enforce it. Or expect that the EU will take the law very seriously and undertake the work now to address it.

Option #2 is the only sensible one, of course, so companies need to spend the next year making major operational moves to be prepared.

The task is immense. Many organizations have grown their customer databases through disparate, siloed systems, then have tried to integrate them through a higgledy-piggledy mess of connections. Tracking an individual across this convoluted landscape is very complicated.

By empowering individuals to know what data businesses have on them, ask that the data be deleted if they so choose, and demand proof that it has been removed, the regulation forces companies to do a better job understanding and controlling the data they have in their systems if they are to abide by GDPR.

What should organizations do? As with any major challenge, it comes down to a proactive approach and having the right people, processes and technology.

People
Every organization should appoint a senior-level officer who can serve as a central authority on the range of activities, from process reviews to technology purchases, needed to ensure GDPR compliance. This "GDPR czar" should organize activities across the organization and break down any silos that interfere with a coordinated response.

The GDPR leader should be someone other than the Chief Data Officer, a position that 50 percent of companies now have, according to Gartner, and "bears responsibility for the firm's enterprise wide data and information strategy, governance, control, policy development and effective exploitation."

While responsibility for GDPR would seem to fit the CDO's job description, it's important for the CDO to stay focused on leveraging data as a business asset through machine learning, data analysis and other cutting-edge techniques rather than being consumed by the day-to-day intricacies of the GDPR compliance effort.

In addition, GDPR should be considered a board-level imperative. Corporate boards should demand accountability from the CEO on GDPR and engage in an ongoing dialogue with him or her on the issue.

Process
Organizations should adopt a GDPR operational plan for each of the affected lines of business, including HR, Legal, Marketing, Finance, IT and Procurement. Each department needs to have a firm grasp on what data it has and to update it when necessary.

The GDPR Awareness Coalition, a non-profit initiative established in February 2017 to raise awareness of the regulation, recommends that organizations also ask themselves these questions: Do we have appropriate means to secure and protect data? Do we have measures in place to ensure we don't hold data longer than is necessary? Is our system of storing data suitable for responding fully to requests to, say, delete an individual's information without delay?

GDPR is not an area to skimp on carefully thought out and wel-executed processes.

Technology
Without question, organizations will need to acquire additional technology to come to grips with GDPR. Among the types of technologies that will be required are encryption technologies, analytic and reporting technologies, and test data management.

While this additional spending may be a bitter pill for some companies to swallow, the fact is, an ounce of prevention is worth a pound of cure. Investing in technology now is better than throwing away money on stiff fines later.

As with the Y2K bug, organizations cannot adopt a wait-and-see approach. They need to diligently work now to address the regulation as the May 25, 2018, deadline looms.

Tick tock, tick tock.

21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world.

Download Show Prospectus ▸ Here

Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS - software, platform, and infrastructure as a service.

With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo, October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.

Track 1. Enterprise Cloud | Cloud-Native
Track 2.
Big Data | Analytics
Track 3. Internet of Things | IIoT | Smart Cities

Track 4. DevOps | Digital Transformation (DX)

Track 5. APIs | Cloud Security | Mobility

Track 6.
AI | ML | DL | Cognitive
Track 7.
Containers | Microservices | Serverless
Track 8. FinTech | InsurTech | Token Economy

Cloud Expo | @ThingsExpo 2017 Silicon Valley
(October 31 - November 2, 2017, Santa Clara Convention Center, CA)

Cloud Expo | @ThingsExpo 2018 New York 
(June 12-14, 2018, Javits Center, Manhattan)

Download Show Prospectus ▸ Here

Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers.  

Companies are each developing their unique mix of cloud technologies and services, forming multi-cloud and hybrid cloud architectures and deployments across all major industries. Cloud-driven thinking has become the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, and the public sector.

Cloud Expo is the single show where technology buyers and vendors can meet to experience and discus cloud computing and all that it entails. Sponsors of Cloud Expo will benefit from unmatched branding, profile building and lead generation opportunities through:

  • Featured on-site presentation and ongoing on-demand webcast exposure to a captive audience of industry decision-makers.
  • Showcase exhibition during our new extended dedicated expo hours
  • Breakout Session Priority scheduling for Sponsors that have been guaranteed a 35-minute technical session
  • Online advertising in SYS-CON's i-Technology Publications
  • Capitalize on our Comprehensive Marketing efforts leading up to the show with print mailings, e-newsletters and extensive online media coverage.
  • Unprecedented PR Coverage: Editorial Coverage on Cloud Computing Journal.
  • Tweetup to over 75,000 plus followers
  • Press releases sent on major wire services to over 500 industry analysts.

For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez by email at events (at) sys-con.com, or by phone 201 802-3021.

The World's Largest "Cloud Digital Transformation" Event

@CloudExpo | @ThingsExpo 2017 Silicon Valley
(Oct. 31 - Nov. 2, 2017, Santa Clara Convention Center, CA)

@CloudExpo | @ThingsExpo 2018 New York 
(June 12-14, 2018, Javits Center, Manhattan)

Full Conference Registration Gold Pass and Exhibit Hall ▸ Here

Register For @CloudExpo ▸ Here via EventBrite

Register For @ThingsExpo ▸ Here via EventBrite

Register For @DevOpsSummit ▸ Here via EventBrite

Sponsorship Opportunities

Sponsors of Cloud Expo | @ThingsExpo will benefit from unmatched branding, profile building and lead generation opportunities through:

  • Featured on-site presentation and ongoing on-demand webcast exposure to a captive audience of industry decision-makers
  • Showcase exhibition during our new extended dedicated expo hours
  • Breakout Session Priority scheduling for Sponsors that have been guaranteed a 35 minute technical session
  • Online targeted advertising in SYS-CON's i-Technology Publications
  • Capitalize on our Comprehensive Marketing efforts leading up to the show with print mailings, e-newsletters and extensive online media coverage
  • Unprecedented Marketing Coverage: Editorial Coverage on ITweetup to over 100,000 plus followers, press releases sent on major wire services to over 500 industry analysts

For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez (@GonzalezCarmen) today by email at events (at) sys-con.com, or by phone 201 802-3021.

Secrets of Sponsors and Exhibitors ▸ Here
Secrets of Cloud Expo Speakers ▸ Here

All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.

With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo@ThingsExpo, October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-4, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.

Delegates to Cloud Expo | @ThingsExpo will be able to attend 8 simultaneous, information-packed education tracks.

There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.

Join Cloud Expo | @ThingsExpo conference chair Roger Strukhoff (@IoT2040), October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, for three days of intense Enterprise Cloud and 'Digital Transformation' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and (IIoT) Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) Digital Transformation in Vertical Markets.

Financial Technology - or FinTech - Is Now Part of the @CloudExpo Program!

Accordingly, attendees at the upcoming 21st Cloud Expo | @ThingsExpo October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, will find fresh new content in a new track called FinTech, which will incorporate machine learning, artificial intelligence, deep learning, and blockchain into one track.

Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expensive intermediate processes from their businesses.

FinTech brings efficiency as well as the ability to deliver new services and a much improved customer experience throughout the global financial services industry. FinTech is a natural fit with cloud computing, as new services are quickly developed, deployed, and scaled on public, private, and hybrid clouds.

More than US$20 billion in venture capital is being invested in FinTech this year. @CloudExpo is pleased to bring you the latest FinTech developments as an integral part of our program, starting at the 21st International Cloud Expo October 31 - November 2, 2017 in Silicon Valley, and June 12-14, 2018, in New York City.

@CloudExpo is accepting submissions for this new track, so please visit www.CloudComputingExpo.com for the latest information.

Speaking Opportunities

The upcoming 21st International @CloudExpo@ThingsExpo, October 31 - November 2, 2017, Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY announces that its Call For Papers for speaking opportunities is open.

Submit your speaking proposal today! ▸ Here

About SYS-CON Media & Events
SYS-CON Media (www.sys-con.com) has since 1994 been connecting technology companies and customers through a comprehensive content stream - featuring over forty focused subject areas, from Cloud Computing to Web Security - interwoven with market-leading full-scale conferences produced by SYS-CON Events. The company's internationally recognized brands include among others Cloud Expo® (@CloudExpo), Big Data Expo® (@BigDataExpo), DevOps Summit (@DevOpsSummit), @ThingsExpo® (@ThingsExpo), Containers Expo (@ContainersExpo) and Microservices Expo (@MicroservicesE).

Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.

More Stories By Chris Boorman

Chris is responsible for worldwide marketing at Automic, a leader in business automation software. Prior, he served as chief marketing officer for cloud collaboration vendor Huddle, and data integration leader Informatica. He has more than 20 years of experience leading international teams at enterprise companies including SDL, salesforce.com, VERITAS and Oracle.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.