We all agree that improving the protection and the rights of the individual to data privacy will benefit us all, but we must also be aware of the potential restrictions this may impose on organisations that are focused on reducing the impact of the increasing global cyber threats.
The General Data Protection Regulation (GDPR) is focusing businesses on the protection of personal information, and rightly so, but this has increased the demands to keep data at least within its region. This suggests a completely different business model that could potentially undermine the huge advances that have taken place recently in machine learning and big data analytics. Advances that have significantly reduced the risks to business. These advances have been possible because of the ability to store, share and collaborate not only within a single organisation but also across industries.
I’m sure it is not the intention of the GDPR to restrict these advances but there is an increasing prevalence for organisations to ask that data remains in region, if not in country. This not only has the potential to restrict the digital transformation that is taking place through cloud adoption and dramatic changes to the workplace but also restrict the sharing of intelligence and countermeasures.
Data privacy must be maintained and it is right the GDPR will ensure businesses take personal privacy seriously but this has to be balanced with the global cyber threat and the ability for global managed security providers like NTT Security to share intelligence and data to prevent future attacks.
Careful consideration must be taken by managed security providers to ensure they can can balance the regional requirements of their business customers with the challenges of the increasing global cyber threats. This hybrid model leveraging local in-country resources with the ability to provide advanced analytics will be essential as digital transformation and data privacy take on the global cyber threats.