Once in force, the European Union General Data Protection Regulation (GDPR) will require every multinational company that offers products or services to European Union residents to adhere to a strict set of data privacy and security measures.
These requirements will also apply to those companies’ business partners. Consequently, this will call for the use of emerging technologies and systems design concepts that will likely be new to U.S. information security professionals. However, those professionals can leverage much of their existing capabilities, along with the addition of a few key components, to meet these new requirements and enable compliance with the Regulation in all 28 EU member states.