GDPR


Changes in EU legislation coming into force in 2018 will affect almost every company that does business in or with the EU.


What is the NIS?


The Network and Information Security (NIS) Directive will be implemented to achieve a common level of protection against cyber-attacks across all member states. This will affect companies providing essential services (e.g. energy, health, transportation) and digital services (online marketplaces, search engines, and cloud computing).


What is the GDPR?


The General Data Protection Regulation (GDPR) will bring data protection law up to date to reflect society’s behaviours and values, including the use of social media and other online services. It requires each organisation to have regard to the ‘state-of-the-art’ when ensuring it is appropriately protected for its defined level of risk. It also introduces mandatory reporting of personal data breaches. There will be severe fines for non-compliance with the GDPR.

What is a Security Posture?

National Cyber Security Centre

The National Cyber Security Centre states that ...


"DEFINING AND COMMUNICATING YOUR BOARD'S INFORMATION RISK REGIME IS CENTRAL TO YOUR ORGANISATION'S OVERALL CYBER SECURITY STRATEGY"



What do you need to know?

  • Does GDPR or the NIS Directive, or both, apply to your organisation?
  • Which external organisations can be relied on to give authoritative insight into the requirements?
  • What is the timescale to reach compliance, and what actions need to be taken now in order to achieve compliance by the deadlines?
  • What budget have you allocated for compliance?
  • Is your board taking compliance with the NIS Directive and/or GDPR seriously? How can you gain its attention, and what do you tell them about your organisation’s current approach to compliance?
  • What is the company's understanding of state-of-the-art security? How do you define it and who advised you on this?
  • What is the process for measuring existing security capability against state-of-the-art, and how often should this be reviewed?
  • What processes need to be implemented now, and in what timescale, so that the organisation has a realistic chance of implementing appropriate security capability?

Download the IDC Whitepaper

See the result of the IDC research on how businesses in Europe perceive the upcoming EU requirements of “state of the art” cybersecurity.

FREE Network Review

Request your free personalised security lifecycle review.