Our Journey to GDPR Compliance: Lessons learned on our way to May 25th

Credit to Author: Steve Neville| Date: Thu, 15 Mar 2018 15:00:24 +0000

With the European Union’s (EU) General Data Protection Regulation (GDPR) date fast approaching, we have been working hard to make sure our already strong security culture and policies will align with the new regulation. As GDPR is a very broad law that includes people, process, and technology, working on compliance has involved many different areas across our organization – this is not just an IT security issue!


The GDPR will standardize data protection legislation across the EU, amalgamating 28 different laws in Europe into one regulation to protect citizen’s data. The GDPR will apply to organizations anywhere in the world who are processing EU citizen data, meaning even if you’re not in the EU, the GDPR may directly impact your organization.

There will be serious implications for organizations who are noncompliant, including fines of up to 4% of global turnover, or €20M, whichever is larger, as well as the ability for regulators to force an organization to stop processing data—effectively stopping business.

We’ve created a series of videos to outline the journey that we’ve taken to prepare for GDPR compliance, in the hope that it would help others do the same. The videos will focus on all the different areas inside Trend Micro that we’ve had to consider on our journey to GDPR compliance and ensure that our customers will be protected.

As we move towards May 25, 2018, we’ll be posting a weekly video showcasing a different area within our company and outlining both challenges and how we’ve prepared for GDPR within each of those functions.

Check out the first two videos now: start with an overview of GDPR, with information on what the new regulation means and how it might impact your organization. Then watch and learn how our CFO and GDPR Executive Sponsor Mahendra Negi is involved, and hear about the need for executive sponsorship and the importance of ensuring your employees understand the meaning of GDPR.

We hope you’ll find this this series helpful as you prepare for GDPR compliance. Check back for the next video on March 21, to see how our GDPR Program Manager has been a central part of our journey to GDPR compliance.

Video Schedule

3/14 –Overview and Finance/Executive Sponsor: Learn what the GDPR is all about, and understand how executive sponsorship will help your organization and employees become prepared.

3/21 – GDPR Program Manager: See who is mapping our Journey to GDPR compliance, and find out what type of person is needed to coordinate all of the functions involved.

3/28 – Legal: The GDPR is fundamentally a legal obligation. Understand how large the role of legal is in scope, both internally and externally, and how it is involved accross all aspects of the organization.

4/4 – IT Security: Hear what our IT director has to say about how the GDPR is affecting our organization, from taking a global perspective to the way we manage data privacy, to changing the way we communicate.

4/11 – Sales & Marketing: Our COO, Kevin Simzer, eplains how we’re on the same journey to becoming GDPR compliant as our customers are, and what the benefits are in this process.

4/18 – HR: See how the GDPR affects our employees, and what we’ll do to ensure they have a good understanding of the regulation.

4/25 – Marketing Operations: Learn how our Marketing Operations team ensures that our customer data is protected across all external platforms.

5/2 – Products and Services: Hear from Bill McGee, SVP Cloud Security, on how we’re always evolving to deliver state-of-the-art capabilities in our products, and how we help our customers deliver their portion of the shared security responsibility of cloud environments.

5/9 – Sales and Channel Enablement: See how important it is that our existing partners understand GDPR, and how we help them find the tools needed to achieve GDPR compliance.

The post Our Journey to GDPR Compliance: Lessons learned on our way to May 25th appeared first on .