Sitting at the top of any CIOs Christmas wish list is full compliance with the rapidly approaching GDPR legislation. That was the conclusion by Computer Business Review, who posted up their thoughts on what CIOs are hoping that Santa will be leaving for them.
When the business world returns to normal on 2nd January ever business will be looking at less than five full months of time before GDPR comes into force. And even though, like Christmas, everybody knows that it is coming, last-minute preparations still occur.
As the full impact of GDPR is still an unknown quantity to many, what can be done in the remaining few months to ensure compliance come the big day – which is May 26th 2018, just in case it’s not inked in red in large letters in your diary.
This is question was answered by CIO Magazine in an article they posted earlier in December. They quoted AEG CIO David Jones, as saying “I think we’re all hoping the ICO will go after the likes of Google and Facebook first rather than smaller organisations, and that will help set some sort of case law.”, which suggests that maybe more time is needed to enable the legislation to bed in and to know where the flexibility in it resides – if at all.
CIO goes onto make a number of suggestions on what needs to be understood and implemented as this biggest change to data protection law for a generation comes into force.
A key appointment is a designated individual as responsible for GDPR, somebody who can raise awareness of the implications through company-wide training sessions. This individual, and their associated team need to identify all of the data held in the organisation, with particular care taken with sensitive information. They then need to document all the data, recording the purpose for its use, the location where it’s stored, and the names of anyone who has access to it.
They can’t do this alone and will need input from representatives of legal, IT and HR with support from staff from other departments.
The key is that GDPR cannot be ignored, avoided or put to one side. Like Christmas, it’s going to happen regardless if you are ready or not. No wonder it hits the top spot on the CIO Christmas wish list.
What other topics make the list? It will come as no surprise that alongside GDRP, cyber security is still a hot topic. This year, as CBR discusses, cyber security incidents has seemingly gone from bad to worse, from WannaCry hitting a number of NHS Trusts to Yahoo! affecting 500million consumers and then the once loved Uber revealed a breach affecting 57million users.
In 2018 there is a growing expectation that AI-based cyber security technologies will become more mature that will hopefully allow cyber security must become less of a worry and more a skill that businesses take ownership of, ensuring every element is protected.
AI, of course, is also on the CIOs Christmas wish and is expected to take centre stage during 2018 as CIOs want to make businesses more efficient, more proactive and get better results. The promise of AI is the increase in automation making certain jobs easier, leaving humans to do what they do best.
A business in 2018, that is equipped with AI and cognitive systems, big data analytics, and machine learning will be set to outpace its competition with an insights-driven intelligent enterprise.
Now nobody ever gets everything they want for Christmas, but for those CIOs who have made Santas ‘nice list’, if they could get GDPR compliance, cyber security and AI into their business then what a Happy New Year it will really be.