You Are Not Ready
There are tons of articles talking about how most companies are not prepared for the GDPR enforcement. Many companies are just not taking this seriously or not understanding how much work there is to do…
That is understandable and, most likely, to be expected. The problem I see is that companies just do not understand what they need to do in order to actually ensure data privacy.
An article recently came out that stated that 29% of startups do not encrypt their data.
Encryption Is Not Security!!!
Not even the CIA can crack encryption and yet the number of successful hacks is growing at an exponential rate. Encryption is HARD and why spend the effort when a hacker can merely step around the encryption go to the source devices and get the data directly.
This is how hacking occurs – nobody cares what encryption is being used. If your devices are insecure (and they are) then protecting data in transit does almost nothing to change your data protection…
Or your chance of being fined by GDPR enforcement agencies.