Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More

Request a Demo

Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP

Why the GDPR is as Much of a Mind Shift as a Regulation

1 Minute Read by Dixie Fisher

The General Data Protection Regulation (GDPR) affects all organizations that do business with the European Union and its residents. Which means it is the rare company around the globe that isn't impacted by the GDPR.

Despite years of preparation for the onset of this regulation - the legislation was proposed in 2015 - most organizations are not fully prepared for the GDPR, even as it becomes the law.

The GDPR is broad in scope and focused on the entirety of the flow of personal data in all its forms throughout an organization. Even if an organization wanted to, it would be difficult to simply tick compliance boxes for GDPR. The boxes don't exist.

What GDPR is really asking organizations to do is to change their mindset about personal data and who the owner of the data is. Dave Burleigh, one of our GDPR experts at Trustwave, says that "personal data is like DNA in document form." The data subject is clearly the owner of that DNA and should maintain rights about when, where and how that DNA is shared and when it is refused or retracted.

It remains to be seen how swiftly penalties are enacted for GDPR violations and how broadly across the globe. But it's fairly easy to predict that the GDPR is just a precursor of increasingly stringent data privacy regulations in other regions. Thus, as you drive your organization toward compliance with GDPR, implementing these high data privacy standards for residents of any country may offer you future proofing for upcoming regulations from other regions.

Changing your organizational culture's approach to managing personal data will require persistent effort that affects gathering, storing, accessing and processing personal data. From your initial analysis of your current data flow to the opportunity to build "privacy by design" in to new systems and processes, participation from the entire organization is required. It can't be a siloed IT project. The GDPR calls for an ongoing and unified program.

Wherever your organization is in relation to GDPR requirements, you should take a strategic look at how you can make the changes in both mindset and processes to develop an effective and ongoing data privacy and security lifecycle.

Dixie Fisher is a senior product marketing manager of compliance solutions at Trustwave.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Perspectives

Latest Intelligence

$500,000 HHS Fine Underscores the Need for Security and Compliance in Healthcare
Cyber Retail Fraud: A New Twist on an Old Game
E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo