Take Two: Why Organizations Are Reviewing GDPR EffortsPwC's Polly Ralph on Data Breach Preparation and Remediation Trends
Remediating data breaches remains essential, along with prevention, detection and initial incident response - and all work best when organizations plan ahead, says PwC's Polly Ralph.
Last year, the EU's General Data Protection Regulation rewrote the rules of the data privacy and breach notification game when it went into full effect, and numerous organizations rushed to put an effective GDPR compliance program in place. More recently, however, many have been revisiting their approaches.
"What we're seeing is … many organizations are taking a second look at the effort - the time and the resources that they're putting into their GDPR efforts - and they're doing that either proactively or as a result of a data breach that they've suffered," she says.
In a video interview at Information Security Media Group's recent Cybersecurity Summit in London, Ralph discusses:
- Data breach preparation and remediation trends;
- How GDPR continues to change the discussion;
- What the future holds, and how this will likely impact organizations' data breach defense and response efforts.
Ralph is barrister and solicitor, U.K. data protection strategy, legal and compliance services, at PwC. She started her career in data protection and privacy in 2004 as an investigations lead at the New Zealand Privacy Commission. Since then, she has worked as a privacy lawyer at the New Zealand Police National Headquarters, senior privacy counsel at the BBC, and group DPO at British insurer Domestic & General. Since joining PwC UK in January 2016, Ralph has led GDPR projects and advised on privacy, marketing, outsourcing, technology and international transfer issues.