Q&A: GDPR compliance with Microsoft CPO Brendon Lynch
This article is part of the Information Security issue of May 2017, Vol. 19, No. 4
The European Union's General Data Protection Regulation may be the most important information security issue you've never heard of -- but everyone will be talking about GDPR compliance by the time the EU begins enforcement of the new regulation starting May 25, 2018. The new privacy regulation includes requirements for protecting personal information, making sure it stays private and giving individuals the right to verify and control their own data, up to and including granting the "right to be forgotten." With just a year before the regulation takes effect, the stakes are high: Failure to achieve GDPR compliance can trigger fines of up to 4% of a company's gross revenue for a year, or 20 million euros -- whichever is greater.

Information Security magazine spoke about GDPR compliance with Microsoft's chief privacy officer, Brendon Lynch. This interview has been edited for length and clarity.

The EU's General Data Protection Regulation will begin enforcement in a year. Just how big a deal is this going to be?

Brendon Lynch: I've ...
Features in this issue
- Challenging role of CISO presents many opportunities for change
  With some reports showing incredibly short tenures, new CISOs barely have time to make their mark. The salaries are good; the opportunities for the right skills, unlimited.
- Polycom CISO focused on ISO 27001 certification, data privacy
  Tasked with security and compliance, Lucia Milica Turpin watches over internal systems and remote communications customers entrust to the video conferencing company.
Columns in this issue
- CISO job requires proven track record in business and security
  In the security field, certifications and degrees are never a substitute for on-the-job experience. For women in security, the challenges may be even greater.
- Q&A: GDPR compliance with Microsoft CPO Brendon Lynch
  Failure to achieve compliance with the EU's General Data Protection Regulation in the next 12 months can trigger fines of up to 4% of a company's gross annual revenue.