Guide to Navigating Retail Related Defense
The EU's General Data Protection Regulation (GDPR) has seen data protection driven up on the agenda at banks and insurance providers. Data privacy regulation has moved from a reactive to a proactive emphasis. “Businesses are now scrambling to put in processes and technology so they can care for any personal identifiable information appropriately, and be seen as taking data security seriously or risk punitive punishment. The impacts of GDPR are felt not only by banks and other financial services companies, but also by the broader ecosystem that encompasses third-party vendors and partners who will also feel the impact of the regulation.
As a CISO, my challenge has been to reduce the number of alerts by filtering out the noise generated by a myriad of data sources. I have to balance the latest "good idea" checklists and frameworks with the budget and staff that I have already. As an Information Security expert, I have discovered that it is costly both financially and organizationally in staff morale to constantly having to conduct "Ghostbuster" missions that end like bad comedy through chasing ghosts in a machine that alerts us constantly and points us to a dead end.
If you are one of the New York financial services companies and still busy preparing to be compliant with the first part of New York Cybersecurity Regulations by the deadline - August 28th, 2017. Here is what you should know.