Compliance risk

The implications and costs of security breaches are front-page news and encompass everything from loss of jobs, to loss of revenue, to PR nightmares. As the volume and proliferation of data—from cloud to mobile to social to machine—continues to grow, traditional security approaches no longer deliver safe harbor for sensitive data.

When General Data Protection Regulation (GDPR) of the European Union (EU) becomes law on May 25^th, 2018, organizations can face significant penalties of up to 4% of their annual revenue.  GDPR will force organizations to understand their data privacy risks and take the appropriate measures to reduce the risk of unauthorized disclosure of consumers’ private information.

Research cites conditions that will continue to challenge organizations in safeguarding their data and will also increase their responsibility for safeguarding their information

• Breaches continue to grow year over year (38%, PWC)
• Intellectual property thefts show significant growth (56%, PWC)
• Cost of data breaches is continually growing ($4M per incident, Ponemon)
• New privacy regulations (General Data Protection Act—GDPR)
• Boards are holding CEOs and executives responsible for breaches (NYSE survey)

With these conditions, organizations must have a complete understanding of their sensitive data and its risk to ensure compliance with policies and privacy laws, and organizations should monitor suspicious activity, unauthorized data access or transfers and remediate with security controls, alerts or notifications.