Having hundreds or more enterprise data sources to monitor a company’s security is overwhelming and unmanageable for SecOps, what they really need is a “small data” movement.
A key concept of many privacy laws is the definition of “personal data”, “personal information” or “personally identifiable information”. If it’s not “personal data”, you are likely outside of the scope of data protection laws, however that is a line in the sand which is constantly moving – in this article David Fraser of McInnes Cooper in Canada examines what that constantly shifting line means for privacy, and the individual.
In part one of a two part series, we examine some of the challenges that companies face in terms of the evolving privacy and data protection landscape. Data protection and privacy issues are now bedrock strategic issues for companies across the world and Information Security professionals are now under even more pressure to ensure that data remains secure. The value of data as an intangible asset continues to grow and legislation and regulation is becoming ever more stringent. The onus is on companies to comply or suffer the consequences. This is going to require a whole new breed of information security professional. In part two of this series (in next month’s newsletter) we’ll look at the argument for and against a new role combining Chief Security and Privacy Officer in this rapidly evolving regulatory environment.
