Following recent news that Facebook and Google are facing GDPR lawsuits, Brian Vecci, Technical Evangelist at Varonis commented below.
Brian Vecci, Technical Evangelist at Varonis:
“It’s not surprising that the big tech companies are the first to face problems now that the GDPR is in effect. They have the most data about the most people and their business depends on exploiting it—they were always going to get hit first and potentially hardest. What’s interesting is that they’re already being accused of ignoring the new regulation, when it seems clear to everyone paying attention that while they certainly might not be compliant, ignoring it is the last thing that the big tech companies have been doing, but that’s not necessarily true of all of the other companies that collect and exploit consumer data and are now subject to the GDPR.
As a society we dramatically underestimated the inherent value of our own personal data and what it reveals about us over months and years. The GDPR isn’t going to kill their business model, but it is going to force them to finally treat our personal data as something that’s valuable not only to them but to us as well.
Many organizations have taken a wait-and-see approach to the GDPR, betting that they can fly under the radar for a while and save some money by not having to change much about how they secure this kind of data and keep it private (or fail to do so). That could end up proving more expensive in the long run, since while many companies aren’t yet fully compliant, the ones that have taken clear steps will likely see far more lenient penalties for violations. The ones that actually are ignoring the GDPR and have done nothing will probably get hit the hardest.
In our recent Global Data Risk Report, we found that 58% of companies have more than 100,000 folders open to everyone in the company, meaning that data is neither secure nor private. Companies that take at least the first step of mapping out what personal data they have, identifying where it’s exposed, and monitoring how it’s used—even if they haven’t yet started fixing the problems they’ll inevitably find—are going to be way ahead of everyone else. The big tech companies are in the spotlight right now but they’re not the only ones who are going to have to face the music.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.