For those only just tuning into this conversation, the EU Commission negotiated and finalized the text of what is called the “General Data Protection Regulation” (GDPR) in December of 2015. This was officially approved as law in April 2016 and comes into effect on May 25, 2018. And, if you’re an organization that does business in the EU or even has customers from those geographies, this could significantly change the way you do business.

As we reach the end of our five-part series on “Secure Cloud Adoption in the Enterprise”, we thought it would be useful to summarize the discussion and also leave with you a few important things to consider when you make the decision to use the public cloud. Clichéd as it may sound, Security and Privacy are probably two of your most important security concerns in cloud computing as an IT executive.

I thought it would be a good idea to revisit GDPR, just as a reminder to all of us to take stock and see how ready we are. For the uninitiated, the EU Commission, Parliament, and Commission negotiated and finalized the text of what is called the “General Data Protection Regulation” (GDPR) in December of 2015. This was officially approved as Law in April 2016 and goes into effect on May 25, 2018.

Security and privacy often get conflated even though they are quite different things. When it comes to digital assets, security is often associated with organizations, while privacy is associated with individuals. The truth though is that both are important elements in any digital strategy and can impact both individuals and organizations.

This question came up at a GDPR event at which I recently spoke. Most of the attendees were from their respective Legal, GRC, or CISO offices; a legally astute, but also a very technical audience. One of the speakers who went up before I did, brought this up – as he was trying to draw the distinction between different types of cyber threats.