Implementing data protection is an ambiguous area of responsibility for too many organizations, and well-meaning truisms like “Security is everybody’s job” do not help the situation.
Long experience in the field across different industries confirms this, whether the businesses in question create software for external customers or only for internal use. Given the lack of clarity about who is ultimately responsible for data protection, it is no wonder that so few organizations empower a specific functional team to effectively address this issue.
The result is that data security and governance too often fall between the cracks, not truly belonging under the CTO, the CIO, business units, or even the CISO or the compliance team. There is an answer to this dilemma: put the responsibility for data protection in the hands of the application owners who create or manage the applications that use the data, and empower them — and the development teams that work with them — accordingly.
Submit your details below to access the full guide:
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.