At the BlackBerry Security Summit in London today, BlackBerry launched a new cybersecurity consulting services aimed at enabling the enterprise General Data Protection Regulation (GDPR) compliance.
Set to go into effect May 2018, and applicable to any enterprise controlling or processing Personally Identifiable Information (PII) of European Union residents, GDPR demands major changes to the ways organisations may collect, use, and store PII about customers and employees.
According to new research, when it comes to data compliance matters, one in five business decision makers within the UK admit they do not know which compliance regulations their company is subject to, while a worrying number do not believe the forthcoming General Data Protection Regulation (GDPR) applies to them.
BlackBerry Cybersecurity Consulting will guide organisations through the process of understanding how to manage company data, how GDPR applies to the organisation, and how to achieve a competitive readiness posture.
The GDPR will have a dramatic effect on the way that organisations deal with the data of customers, employees and others. Set to come into effect in May 2018, GDPR means every business, government and public sector entity that touches European Union residents’ data will need to rethink their data management approaches in order to stay compliant and thereby avoid massive new fines and bad publicity.
Carl Wiese, Global Head of Sales, BlackBerry said,
“Having been engaged with the EU Justice Directorate-General since 2012, we understand the GDPR requirements and have developed expertise to help address the full range of GDPR implications for enterprises, from situational assessment to offering DPO (Data Protection Officer) -as-a-service,”
“In addition to consulting services, we provide many necessary software solutions, making BlackBerry a one-stop shop for GDPR compliance.”
Article 37 of the GDPR requires organisations to have a dedicated DPO to oversee the company’s data protection strategy. The IAPP estimates over 27,000 DPOs will be needed to address that requirement.
BlackBerry offers a series of services that take your organization through the practical, step-by-step process of understanding the PII in use by your company, how GDPR applies to your organization, and how to achieve a competitive readiness posture in support of your business.
In the first step towards meeting GDPR requirements, BlackBerry Cybersecurity Consulting evaluates the areas where your existing processes are compliant, identifies non-compliances, and makes recommendations for remediation.
Once the gaps have been identified and the remediation plan is in place, your BlackBerry consultants will map the flow of PII through your organization’s network, so that controls can be strategically applied. This exercise ensures your organization understands what data is being processed, its value, and the potential risks it poses.
To strengthen the processes around handling PII, organizations must establish and document rules and procedures that govern the lifecycle of this data. This can be achieved by aligning processes within an already existing framework, or working towards establishing the beginnings of an ISO 27001 structure.
In accordance with Article 37 of the GDPR, organizations that fall within its scope must designate a Data Protection Officer (DPO). BlackBerry can provide your organization with DPO services should you lack the capacity, expertise, or business focus for an internal DPO. BlackBerry DPO services can provide immediate expertise (on-call and in-house) to guide you through GDPR requirements.
BlackBerry training and awareness courses are tailored to your organization and employees, and can be delivered either on-premises or at one of our training facilities. Each course provides an overview of what GDPR is, how it impacts your organization and the activities of your employees, as well as how to recognize and handle a privacy-related incident.
You can find out more about BlackBerry’s GDPR consulting services here.