Every company/industry is complying with General Data Protection Regulations with stringent data privacy regulations. According to a national practice director for security in the Cloud and Data Center Transformation division of insight, Jason Rader. “No one knows what the next law will be or whether it will be a state, federal or even global one, but it seems inevitable that new regulations are coming.”
Earlier, leading technology companies stressed on the US federal government to issue a national data privacy regulations same as GDPR. A similar case came in light in February 2019 in which the US Government Accountability Office reported the same issue. Furthermore, as time is passing by new regulations are bringing new requirements. As a best practice, businesses ought to build on the GDPR to meet compliance deadlines and to shun imminent diversity.
“They already have taken a hard look at their types of data and how they collect, store, and use it, Now they should be leveraging that momentum and taking things to the next level to understand the controls — firewalls, encryption, policies, etc., — that are in place, the rationale behind each control’s selection, its maturity in adoption, and its effectiveness in operations”, Rader highlighted the facts. Similarly, the next requirements will help to identify the gap. However, these practices have long been introduced. There are mounds of organisations who choose to be inconsiderate. This reflects their roguish behaviour and unplanned strategies.
Indeed organisations have been endeavouring to be GDPR compliant, but still, there are rooms for uncertainty. In his viewpoint, “Every major breach I can think of was a company that was compliant to some standard. Taking a few extra steps in the process could have a material effect on an organisation’s overall security posture.”
For better outcomes companies are obliging to comply with emerging regulations and to generate new approaches to data classification.