Yasser Rasheed: Thank you for hosting me today. I’m very excited for this talk.
Kevin L. Jackson: It’s really our pleasure. Let’s get started on this. The security world is really abuzz. We talk about GDPR or the General Data ProtectionRegulation. This is Europe’s looming security regulation. Can you tell us a little more about it?
Yasser Rasheed:Absolutely. You know Kevin, the industry is shifting and evolving very quickly in this space. We’re excited about the positive changes taking place in the industry. The GDPR or General Data Protection Regulation coming out of Europe is really a replacement for the European directive that they had in the past. It covers a whole slew of data protection and security regulations that allows – but really caters to protecting the end user and the end user data.
Kevin L. Jackson: I understand it’s really the hefty fines that have the information security officers worried. I’m told that they can be the greater of either 20 million Euro or 4% of global annual revenues. Why is this putting the spotlight on security and compliance in North America? I thought this is a European thing, right?
Yasser Rasheed:It is not a European thing only. It affects anyone that deals with the European citizens or in business in Europe so global companies are really impacted by this regulation and they need to pay attention to it.
(When viewed on a mobile device, please press select “Listen in browser”)
Kevin L. Jackson: This is really important to you. From your point of view, at the IT and operations level, what should these companies be really focused on?
Yasser Rasheed:The companies need to first get educated on the new regulations. It is going to be applicable in May or enforced starting May 2018. It is really coming very soon. The GDPR regulation is really a legal framework that comprehends a number of data security and privacy guidelines for organizations. For example, they need to make sure that they look at how the data is processed, how the data is protected. Who gets access to the data at what point in time and under what tools? Is everything audited and logged in the right way so that they can have the right traceability. There are a number of things that the organizations and especially IT and chief information security officer teams need to pay attention to in this case.
Kevin L. Jackson: With all that in mind, what should these enterprises be thinking about when it comes to data protection at the hardware and the software level?
Yasser Rasheed:That’s a great question. First, let’s head back and look at what’s happening in the industry nowadays. The whole space of cybersecurity is full with hackers and really malicious users trying to get access to information and this is impacting everyone. We see breaches every day. Solutions today are available in software, however, we believe that the software alone cannot protect and cannot enforce the level of readiness for GDPR and the likes. What we really look for is the role of the hardware to augment and compliment the role of the software in the space. More specifically in the security space, there are many hardware products that companies like Intel is offering in this space to protect the identity of the user, to protect the data of the user. These are tools that our key organizations can take advantage of to be ready for GDPR compliance and in general, to have a more healthy and stronger security posture in the environment.
Kevin L. Jackson: Thank you very much for sharing that important point. Unfortunately, though, we’re at the end of our count for this episode. Many thanks to Yasser Rasheed with Intel for his insights and expertise.
( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)
( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2017)
Follow me at https://Twitter.com/Kevin_Jackson