Information security, governance and regulation in harmony
The EU’s General Data Protection Regulation (GDPR) is reshaping the way that organizations think about data security, as well as driving them towards better information governance. This paper highlights key aspects of GDPR for security professionals – aspects to investigate as you ensure that your security planning is fully aligned with your organization’s GDPR plans. This alignment is essential because data security is implicit in GDPR – after all, without security, personal data cannot be private, and personal data privacy is what the GDPR is all about.
The paper also addresses the important role of IT security professionals in driving the necessary shifts in the organizational mindset. For GDPR compliance, organizations should recognize that the personal data which they have painstakingly collected is not theirs to do with as they wish. Under GDPR, our personal data is ours – the organizations we share it with are its guardians or stewards, not its owners, and they must collect, store and use it in a trustworthy manner.
Bryan is a technology enthusiast and industry veteran. He has been analysing, explaining and writing about IT and business in a highly engaging manner for around three decades. His experience spans the early days of minicomputers and PC technology, through the emergence of cellular data and smart mobile devices, to the latest developments of the software-defined age in which we all live today. Over his career, Bryan has seen at first hand how IT changes the world – and how the world changes IT – and he brings that extensive insight to his role as an industry analyst.