Don’t be blinded by your technology defenses

I recently created a course on the Global Risk Academy outlining the requirements of GDPR. My objective was to guide organizations, other than those in the EU, to understand what they need to do to be GDPR compliant. Having immersed myself in the GDPR, I came to realize it represents a quite different perspective on cyber security than the one currently embraced by many cyber security professionals in the US.

The GDPR explicitly places privacy security requirements front and center. This places an onus on organizations to protect individuals' information that is in their possession. In the US, security requirements have primacy, which puts the onus on individuals and organizations to protect their own assets. This differing perspective of privacy vs. security as the driver is not just semantic. It represents a fundamental difference in how to address the cyber exposures that we all deal with.

Let me explain. By focusing on the privacy of individuals' information, the EU has made it a priority that others protect individuals' information in their possession. This takes the pressure off individuals to secure their own information while letting the EU bureaucrats believe that they are doing something.

In the US, by contrast, the focus is on technical security, which provides organizations and individuals with a structure that, if they follow it, will keep them safe. It appears that responsibility for protecting one's privacy remains with the individual.

Both approaches ignore the cyber exposures that individuals and organizations face every day because of their own behaviors. Some examples include the use of ‘PASSWORD’ as a password, not changing default settings on various devices, not performing updates on various devices, and believing that smart technology will protect you.

All the technology in the world cannot protect an organization from ill-informed personnel or willful, arrogant behavior.

We strongly recommend that you consider addressing all your cyber exposures. Not sure what that means or how to do it? Try our course understanding cyber exposure at the Global Risk Academy.

© 2019   Created by Boris Agranovich.