It was about 20 years ago that the Y2K problem had firms scrambling to fix the issue. At its core, it was a rather simple problem to fix. Firms just had to change a 2-digit year field to a 4-digit field. But the devil, as always, was in the details, and firms struggled to understand how many applications they had and where the date fields resided in their massive code base. Many Fortune 500 firms took 6 months or more just to get a listing of the applications that were potentially problematic.
Compared to the Y2K issue, the problems firms face with the General Data Protection Regulation (GDPR) are infinitely greater. In the appropriately titled The EU General Data Protection Regulation (GDPR): A Practical Guide (Springer 978-3319579580), authors Paul Voigt and Axel von dem Bussche have written a highly pragmatic guide that provides an excellent overview of the regulation, and how to ensure compliance with it.
GDPR was put into effect in April 2016 and becomes enforceable on May 25, 2018. While the text of the regulation is freely available, it doesn’t lend itself to an easy read, nor does it give details on how to execute it effectively. In the book, the authors focus on the practical aspects of the regulation and show how to implement it in a methodical manner.
This book has a focus on practical implementation and the authors provide a large number of real-world examples to concretize the many concepts in the regulation.
For those who have not started their GDPR remediation efforts, there is a massive amount they need to do before the regulation goes live in 70 days. For anyone tasked with GDPR compliance, this is the book most people should have read some time ago.
This is a Security Bloggers Network syndicated blog post authored by Ben Rothke. Read the original post at: RSA Conference Blog