{"id":31151,"date":"2017-05-22T05:00:39","date_gmt":"2017-05-22T12:00:39","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=31151"},"modified":"2017-05-19T13:40:46","modified_gmt":"2017-05-19T20:40:46","slug":"cso-gdprnis-countdown-ready-organisations-get-cybersecurity-order-next-decade","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2017\/05\/cso-gdprnis-countdown-ready-organisations-get-cybersecurity-order-next-decade\/","title":{"rendered":"GDPR\/NIS Countdown: How Ready Are Organisations to Get Their Cybersecurity in Order for the Next Decade?"},"content":{"rendered":"<p>This month marks the start of the 12-month countdown for organisations to be ready to comply with either \u2013 or in some cases both \u2013 the General Data Protection Regulations or the NIS Directive becoming law in Europe on the 25th and 10th of May 2018, respectively.<\/p>\n<p>Whether you have started working towards compliance in the last year or not, the deadline to be ready for these new laws is fast approaching, and the pressure to review, change and test new cybersecurity systems increasing.<\/p>\n<p>So, what\u2019s the current state of mind of cybersecurity and business leaders as we count down? In <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2016\/09\/cso-ask-the-right-questions-advice-to-ceos-and-cisos-addressing-the-state-of-the-art-paradox\/\">research<\/a> recently commissioned for Palo Alto Networks, we found that IT security professionals across Europe are generally optimistic about how these laws will help avoid personal data and cybersecurity breaches. However, there is still some hesitation when it comes to how easy the change will be. What is immediately clear is there are vast geographical differences when it comes to openness to new ideas; senior management in countries like Sweden are least likely (28 per cent) to accept suggested ideas for change from internal stakeholders, whereas Dutch respondents were far more willing to adopt new ways to best protect their organisation (39 per cent).<\/p>\n<p>A fear of the unknown continues to present a significant roadblock over the next year, and not all businesses can see the benefit in change. Only a third of respondents think they will get the support to implement the necessary changes, while the majority still feel there will be obstacles to overcome.<\/p>\n<p>With only one in ten respondents admitting that pressure to comply with new laws would make them open to ideas for change, there is a major shift in perception needed to ensure European businesses are ready come May 2018. Our research found that:<\/p>\n<ul>\n<li>43 per cent of IT security practitioners were concerned changes to legislation will unleash a wave of previously unknown personal data and cybersecurity breaches that need to be reported.<\/li>\n<li>Half of all IT professionals (49 per cent) said they avoid security system changes or updates because they think their current system is already broadly secure.<\/li>\n<li>56 per cent of IT security professionals think the GDPR\/NIS implementation will be a pain both financially and operationally.<\/li>\n<\/ul>\n<p>With all that in mind, there are several ways businesses can prepare themselves today ahead of May 2018:<\/p>\n<ul>\n<li>Gain visibility of what information is being used and through which applications. If you don\u2019t have ongoing insight into how your business is already processing information through technology, then you can\u2019t validate if this is appropriate and what controls must be wrapped around it.<\/li>\n<li>Too much of cybersecurity is legacy technology \u2013 leverage the new regulations as an opportunity to clean your house, validate that everything is fit for a purpose, today and in the future, especially considering that cybersecurity will continue to evolve, and the biggest shortfall is skilled cybersecurity people. Consider how you apply and maintain an adaptive cybersecurity ecosystem that is automated to work at the same speed as the attacker.<\/li>\n<li>Ensure that you have clear leading and lagging metrics to validate the effectiveness of your cybersecurity. Can you prove to your own business and others that you are effectively aligning current best practices to the risks?<\/li>\n<li>Test your capabilities \u2013 not just the technology, but also the people and processes around these, including the broader businesses teams.<\/li>\n<li>Cybersecurity leaders will need to validate that their cybersecurity capabilities are relevant to the risk they face and that they leverage current best practices, referred to as \u201cstate of the art\u201d, with clearly documented processes and measures.<\/li>\n<\/ul>\n<p>To learn more about how you can prepare your business for the upcoming new laws, please see the following Palo Alto Networks assets:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.paloaltonetworks.com\/resources\/whitepapers\/gdpr-compliance-next-generation-security-platform\">Next-Generation Security Platform Contributes to GDPR Compliance<\/a><\/li>\n<li><a href=\"https:\/\/www.securityroundtable.org\/5-emotional-stages-of-preparing-for-gdpr\/\" rel=\"nofollow,noopener\" >Five Emotional Stages of Preparing for GDPR<\/a><\/li>\n<\/ul>\n<hr \/>\n<div class=\"quizz-container\" data-width=\"100%\" data-iframe-title=\"QUIZ: What Kind of Ignite Guardian Are You?\" data-height=\"auto\" data-quiz=\"385597\"><\/div>\n<p><script src=\"\/\/dcc4iyjchzom0.cloudfront.net\/widget\/loader.js\" async><\/script><\/p>\n<p class=\"p2\"><span class=\"s2\"><a href=\"http:\/\/go.paloaltonetworks.com\/ignite2017\"><b>Register for Ignite \u201917 Security Conference <\/b><\/a><br \/>\n<i>Vancouver, BC June 12\u201315, 2017<\/i><\/span><\/p>\n<p class=\"p2\"><span class=\"s2\">Ignite \u201917 Security Conference is a live, four-day conference designed for today\u2019s security professionals. Hear from innovators and experts, gain real-world skills through hands-on sessions and interactive workshops, and find out how breach prevention is changing the security industry. Visit the <a href=\"http:\/\/www.paloaltonetworksignite.com\/\" rel=\"nofollow,noopener\" ><span class=\"s3\">Ignite website<\/span><\/a> for more information on tracks, workshops and marquee sessions.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>How ready are organisations to get their cybersecurity in order for the next decade?<\/p>\n","protected":false},"author":150,"featured_media":20190,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1766],"tags":[432,2684,1640],"coauthors":[1466],"class_list":["post-31151","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cso-perspective","tag-emea","tag-gdpr","tag-nis-directive"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2016\/09\/CSO-web-banner-650x300.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/31151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=31151"}],"version-history":[{"count":3,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/31151\/revisions"}],"predecessor-version":[{"id":31160,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/31151\/revisions\/31160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/20190"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=31151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=31151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=31151"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=31151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}