Identity is Security: Life after GDPR
We’re officially past the initial GDPR deadline and the world has continued to turn, as evidenced by this week’s news, which begins with your routers. If you haven’t reset your home router by now, you need to ASAP. It’s not us adding this item to your to-do list though – the FBI is urging everyone to do this to combat malware known as VPN Filter, believed to be connected to the Russian military. A simple reboot sets the malware back, so take a coffee break from the internet while you power down and back up.
Unfortunately in the US, our government needs to do more than reboot its routers. In fact, the White House’s Office of Management and Budget assessed 96 federal agencies and found 74 percent either “At Risk” or “High Risk” in cybersecurity. A large portion of them don’t even know what the attack vector was in their cybersecurity incidents. It’s going to be a long summer for those IT teams who are working to address those concerns.
GDPR has had a full week to simmer in its post-deadline glory, and as expected, the residual confusion persists. Last week, many people found they were not able to access major websites. News outlets from NPR to USA Today left a message in place of their normal content, either directing people to an EU-friendly site or not allowing them access altogether.
The dust hasn’t even settled and attention is already turning to what the “next GDPR” will be. Europe may still be leading the charge, with the ePrivacy Regulation now gaining traction as the next big privacy regulation, but there are several countries looking at data privacy, including the US and Australia.
California just enacted a law allowing people to sue companies if their personal data has been breached. With so many tech companies housed there, this is a game-changer.
With all this cyber-uncertainty, despite massive investments in cybersecurity, what should organizations do? Have you considered that you might be looking in the wrong place? Users remain the entry method of choice for hackers, and with all of the changes in the cybersecurity world and threat landscape, we all need to pay closer attention to stay ahead of the game.
Until next week, stay secure! (And seriously, reboot your router!)
Editor’s note: At SailPoint, we know that identity is security, so we keep a pulse on what’s happening in cybersecurity every day. This weekly post features some of the biggest stories of the week and ones that may have flown under the radar. Check in each week for a news roundup and share what you’re reading with us by tweeting us at @SailPoint.