Turned into law in 2016, the EU’s General Data Protection Regulation (GDPR) finally goes into effect this week, slapping strict requirements on millions of businesses and subjecting violators to severe penalties. The complex regulation applies to any organization worldwide — not just in Europe — that controls and processes personal data of EU residents, whose security and privacy GDPR fiercely protects.
GDPR calls this data’s protection a “fundamental right” essential for “freedom, security and justice” and for creating the “trust” needed for the “digital economy” to flourish. Its requirements amount to what some have called zero-tolerance on mishandling EU residents’ personal data.
A PwC survey found that more than half of U.S. multinationals say GDPR is their main data-protection priority, with 77% planning to spend $1 million or more on GDPR readiness. “Data protection has been a thing organizations know about, but GDPR has brought it all to the forefront,” Richard Sisson, Senior Policy Officer at the U.K.’s Information Commissioner’s Office (ICO) said during a recent GDPR roundtable.
Penalties can be stiff. One possible fine: Up to 4% of your company’s annual revenue, or up to €20 million, whichever is higher. GDPR also gives leeway to EU countries to impose heavier fines and stricter requirements. Still, Gartner estimates that about half of organizations will not be in full compliance with GDPR requirements by the end of 2018.
Regardless of where you are in your GDPR preparedness journey, Qualys can help you. To that end, today we begin a blog series in which we’ll highlight how Qualys can assist you by solidifying the security and compliance foundations of your organization, thus slashing your risk of data breaches that could land you in GDPR hot water.
We’ll address IT asset visibility, vulnerability management, threat prioritization, web application security, file integrity monitoring, vendor risk management, public cloud protection, and other essential elements of a rock-solid security and compliance posture.