Freely subscribe to our NEWSLETTER

Sylvain Cortes, VP of Strategy at Hackuity
“Compliance is essential, but we urge organisations to take the opportunity to think beyond baseline requirements to develop a culture of continuous cyber improvement. It’s important to remember that achieving compliance shouldn’t be treated like ‘exam-cramming’ with last-ditch efforts to achieve annual or quarterly audits.

The goal is to achieve more than the minimum requirements and move away from the tick-box mindset. GDPR compliance is necessary, but it is far from sufficient for modern organisations.”

Rick Hanson, President at Delinea:
“I’ve been in the cyber community since the mid-90s, and one consistency over the years is that personal data has always been paramount. However, even though the industry often understood what needed to be done to protect personal data, it was frequently deemed to be too costly or complex to implement.

Five years ago, I applauded the EU for taking a stand and providing guidelines and a framework to ensure that personal data and privacy were protected with GDPR. Yet even as this legislation passed and privacy advocates celebrated, many businesses were very concerned due to perceived burdensome and costly efforts that would be required of them to be compliant. Looking back on this anniversary, I am very encouraged that the technology community has innovated and evolved to solve many of these issues and challenges quickly. My belief is that it sets a solid foundation that the rest of the world can follow as we continuously work to protect our personal data and privacy.

We have come a long way since the early days of cyber and GDPR makes a significant impact, yet it does not solve the cybersecurity threat. It offers a framework that helps classify and protect yet these policies are public, giving any attacker a roadmap on how to circumvent the policy. As good as GDPR policy is, it does not mean our personal data is completely secure. We must continue to educate and innovate to solve these ongoing data privacy and security challenges.”

Paul Brucciani, Cyber Security Advisor, WithSecure
"The European Commission is criticised for many things, but GDPR is the one thing where it can hold its head up high and say, ’We’ve led the world in this’. As regulatory milestones go, it’s the equivalent of climbing Everest. And it seems to be working as other jurisdictions are following suit.

Internet fragmentation, driven by the quest for digital power, is creating regulatory complexity, and the EU has an important role in leading the world through this. For example, AI is the next big field that will need regulating, and the EU has again made a head start on this with its proposed AI Act, a legal framework that is intended to be innovation-friendly, future-proof and resilient to disruption."