This article originally appeared on CRN sister publication Channelnomics Europe
If your email inboxes are anything like ours, trying to sort through the barrage of GDPR messages is like playing a never-ending game of Whack-a-mole. Yes, the May deadline to the EU's looming data protection regulation is fast approaching. As we kept hearing repeatedly throughout 2017.
GDPR apathy has taken root, and it will probably only get worse.
You need only search "GDPR" on LinkedIn to see reams of content veering wildly between two poles: those grumbling in apathy, and those trying to hide their panic at developing an appropriate strategy so late, appealing - publicly - for someone to come and "do a GDPR presentation ASAP".
Then there's a third contingent appealing to both sides: the "GDPR experts". Primarily lawyers, they warn execs not to fall prey to have-a-go chancers "who are doing serious harm to their clients advising them after literally reading GDPR once".
As data privacy attorney Sheila FitzPatrick told us last year:
"When I hear security companies tell me 'we have world-class security so we will be GDPR compliant', I literally want to slap them…I don't. But I want to, because security is not privacy…Data is the wheel - the whole life cycle of the data - and only one spoke is security."
Where then to turn?
We spoke to business leaders from across Europe to ask them for their instinctive response to hearing the acronym being uttered; and how they are cutting through the noise to give concise advice on the issue to their customers.
1. Ingo Kierse - MD of Germany-based MSP Xantaro
"My first reaction is 'oh my god, here comes the next one with 50 per cent GDPR knowledge and 100 per cent overconfidence!'
"My second reaction is that some law firms will make a lot of money by charging companies to become compliant. My third reaction is this is really serious stuff, because it affects every angle of my company.
"My advice is to use GDPR as a 'compelling event' to educate business leaders around cybersecurity…In our view IT security managers must become their own biggest critics and start looking for pragmatic ways to ensure the company achieves the right balance of acceptable risk."
2. Murray Pearce - UK MD of Switzerland-based VAD Infinigate
"As a head of a company you might have shuddered a little: you've been hearing big numbers floating around that can come off your bottom line and that can never be a good thing. Usually the first response is 'what can IT do about this?' And the head of IT's response pretty much is 'arghhhhh! I have so many holes everywhere in the network, so many different places I can get caught and now I have to sort out my data too - arghhh!'
"For the most part, the channel is more than happy about helping their customers find the right solutions…You can imagine the sales managers in the channel business parting their hands in a big welcoming gesture towards the GDPR, with a beaming smile…In the UK alone, figures such as £1bn have been bandied about for the new IT-related business through products and services.
"My advice in general is that you should be thinking about how you use someone's personal information and treat their details as you would expect your own to be treated."
3. Paul Stringfellow, technical director of UK-based MSP Gardner Systems
"I'm not sure there is such a thing as a GDPR expert with a comprehensive solution: GDPR is much too wide in remit.
"There are those who can offer advice on the legal aspects, the process and procedure aspect, the education, the governance and auditing of data; however, it would be difficult to find an expert. Companies with the overall expertise may well exist and these are likely to be your large consultancy firms, PwC for example. But don't be sucked in by someone new to the market offering to fix your GDPR 'compliance'," he said.
"As for the channel, if you are looking at selling a solution to all your customers' GDPR requirements then you are thinking about this the wrong way. But if you are looking at GDPR as a way to help customers deliver better data management, governance and control, this is a significant opportunity for you to provide good services, education and potential solutions."
Article continues on following page
Security firm set to become part of acquisitive Shearwater Group
Distributor merges three northern sites into one new hub in Warrington
Activist investor puts forward five director candidates as turmoil continues at security giant
Nima Green asks what is driving public cloud uptake in Germany