Share
Home Features Op-eds GDPR 4th anniversary

GDPR 4th anniversary

Risk analysis is another important area of GDPR compliance
GDPR 4th anniversary
Oliver Cronk

“Over $1.2 billion worth of GDPR fines were issued between January 2021 and January 2022 – a sevenfold increase on the previous year. If there is anything to take from this GDPR anniversary, it’s that organizations need to get their house in order straight away – as I expect another significant rise in fines over the course of this year,” said Oliver Cronk, Chief Architect at Tanium.

A cause of this will be the wholesale changes that were made to IT infrastructure overnight to keep businesses running during the pandemic, the negative impacts of this are still being felt by many organizations. The requirement for rapid change meant that security and compliance sometimes took a back seat – but this isn’t a sustainable long-term approach. It’s tough for IT teams to simultaneously juggle business priorities, but now that the pandemic has eased it’s crucial for GDPR compliance to be treated as a key focus area.

To support this, IT teams must fix the visibility issues that most of them have. Our research shows found that ninety-four percent of today’s enterprises find 20% or more of their endpoints are unprotected, making it impossible to be sure that data is being handled in a GDPR-compliant manner. Risk analysis is another important area of GDPR compliance because it enables IT risk to be assessed so that issues can be fixed before an incident occurs. This can be the difference between being on the back or front foot, helping to avoid data breaches, and the associated fines. Staff training is also crucial – and organizations need to ensure their Data Protection Officers support the whole company with information on how to remain compliant, especially given the new hybrid working landscape.

If these steps are followed, organizations will stand a good chance of not becoming the next big negative GDPR headline – which I expect to see several more of this year. The reputational damage caused by these events can often have a larger impact than the fine itself, so the value of GDPR compliance cannot be underestimated.”

Disclaimer: Opinions conveyed in this article are solely those of the author. The information presented in this article is intended for informational purposes only. It does not constitute advice on tax and legal matters; neither are they financial or investment recommendations. Refer to our full disclaimer policy here.