Did you know that, starting May 25th, fines for a data breach involving personal data can be up to €10 million, or 2% of annual turnover, whichever is higher? Once the European General Data Protection Regulation (GDPR) is in place, this is a very real possibility.

So, what is the GDPR?

The GDPR isn’t completely new, as it replaces the Data Protection Act 1998 to ensure data protection policies are equipped for 21st century data security threats, notably the protection of personal information or any information that can identify an individual. 

With GDPR, the same law will be enforced across all European Union (EU) member states, streamlining compliance. It also applies to any organisation outside of the EU holding EU citizens’ data.

It maintains that greater duties of care must be applied by all 'controllers' and 'processors' of data, and gives individuals greater control over how their data is used. Once the regulation is live, companies must notify the relevant authorities within 72 hours of discovering a personal data breach, and, in serious cases, the data subjects affected by the breach must also be notified.

What do you need to do?

All 'controllers' and 'processors' of personal data must take appropriate measures to protect it, regardless of where it is in their ICT environment. This should not only protect data at rest but also safeguard it as it traverses increasingly complicated infrastructure including public, private, and/or hybrid cloud and data centre environments, all of which only increase the opportunity for data to be compromised and exploited. 

With the potential for such large fines, enterprises need a holistic, end-to-end network security strategy that embeds security consciousness across the fabric of an entire organisation, minimises the attack surface of the network, and can help speed up the implementation of tactics to ensure network confidentiality, integrity, and availability. Additionally, the right network security partner can help ensure that all the people, processes, and technology touching networking operations are completely trustworthy and security-oriented.

With time ticking down, here are Ciena’s top 5 resources to help you prepare for the GDPR: 

  1. Delivering GDPR Compliance with Holistic Security - This paper details how a holistic network security strategy can help minimise cyberthreats and streamline compliance in the era of the European General Data Protection Regulation (GDPR).

  2. Countdown to the General Data Protection Regulation (or GDPR) – are you ready? - Ciena’s Raffi Varoujian, Co-Lead for Global Compliance and Data Privacy, discusses the upcoming GDPR, what it means and how optical encryption can help significantly reduce the impact of a data breach.

  3. Take a course - Ciena offers on-demand training sessions on the implications of the upcoming GDPR and why your network may be at risk.

  4. Why data security is more important than ever – Joe Marsella, Vice President, Global Sales Engineering at Ciena, discusses the implications of optical fibre hacking and why a holistic security strategy is essential, especially in the wake of the upcoming European General Data Protection Regulation (GDPR).

  5. Explore our infographic on the upcoming GDPR and how Ciena’s WaveLogic Encryption protects all data, even in the cloud.

For more information, please visit http://www.ciena.com/protect/