Feature

IT leaders ready to embrace GDPR regulation; compliance challenges remain

IT leaders across the globe gear up to achieve compliance with General Data Protection Regulation (GDPR) which is just about to go live. 

Coming into force on 25 May 2018, The General Data Protection Regulation (GDPR) will transform the data privacy rules for organizations worldwide. GDPR is applicable to all organizations active in the EU and the service providers to EU data subjects. Only in case where the data is collected and processed outside EU, the new law is not applicable.

Even though the regulation primarily affects the European nations, due to today's hyper-connected ecosystem and the constant flow of data in and out of EU, it is expected that almost all countries will have some effect once the GDPR is enforced.

Here are what IT executives across the globe think about the new data privacy regulation and what needs to be done for achieving compliance:

 

“As we stand amidst the fourth industrial revolution, maintaining the integrity of personal data has become as imperative to national security as protecting a country’s cyber borders. Regulations like GDPR will begin a dialogue about what nations and multilateral stakeholders can to do to streamline a system of checks and balances on a digital planet.”

 

a

- Anant Maheshwari 

President, Microsoft India

                                                                                                                                         

                                                         

“There is a cultural change in the way organizations are starting to handle personal data and provide services to their customers. Current developments and changes being proposed in our privacy landscape, coupled with strong technical capabilities, provide great opportunities for Indian companies to align their services and data handling processes to global standards.”

s

 

- Sivarama Krishnan

Leader, Cyber Security, PwC India

 

                                                                                                                                                                                                  

"Effective control and management of the IT infrastructure spanning on-premises and cloud service providers for security and specifically encryption, will be a critical component in meeting the legislative requirements (for GDPR) and minimizing the risks to consumers.”

m

 - Mark Hickman

Chief Operating Officer, WinMagic

                                                                                                                                         

                                                         

"The proactive approach for data privacy and cybersecurity can result in new business opportunities, along with the trust of your stakeholders. Instead of searching for quick fixes to comply with GDPR, companies should focus upon long term sustainable improvements."

e

  

                         - Erik Andreson

Practice Leader of Cybersecurity Services, F-Secure

                                                                                                                                         

                                                         

"As regulations catch up, data privacy has fast evolved to become a matter of survival for companies. In order to be compliant, a business must begin introducing the correct security protocols in their journey to reaching GDPR compliance, including encryption, two-factor authentication and key management strategies to avoid severe legal, financial and reputational consequences."

r

 

- Rana Gupta

VP – APAC Sales, Identity and Data Protection, Gemalto

                                                                                                                                         

                                                         

"We must do everything we can to ensure that we are compliant with the GDPR, including full SLDC with privacy/security-by-design and privacy-by-default. However, we also need to spend more time than ever on awareness. If the requirements are not truly understood by everyone, the personal data on any system can be breached."

p

 

- Peter Hansen

Senior Security Advisor, Capgemini