March 21 – Today, PANTA RAY’s President Gianna Detoni is in Rome to take part in the central round table at the Cybersecurity Summit in Rome.
In the Congress Center Fontana di Trevi, Gianna spoke of GDPR and implications for the continuity of organizations, together with Roberto Fermani, Privacy Manager in TIM, Valentina Frediani, CEO of Colin & Partners, Feliciano Intini, CyberSecurity, Privacy & Compliance specialist in Microsoft Italia and Cesare San Martino, IT Security consultant from Cybersel.
The event is a great occasion to restate the essentiality of Business Continuity in any organization aiming to conquer a bright and solid future.
The first mistake an organization can make is to approach Business Continuity and Organizational Resilience just because of the GDPR, or any other regulation. If implemented with the right degree of commitment and investments, continuity can take an organization to the next level, significantly increasing its chances of success in the market. GDPR is a perfect trigger, but the matter must be approached differently than a mere bureaucratic pain.
The GDPR will force organizations of any industry and size to review their data management procedures, in order not to slip into fines and important reputational and commercial damage.
Since many years, the world of Business Continuity has focused on data breach, which are steadily the number 1 or 2 threat in the Horizon Scan Report of the Business Continuity Institute. To deem itself resilient, an organization cannot face the issue simply with technical solutions (the human error is always behind the corner, just as hackers’ tactics are often one step ahead), but it has to use something more global and interdisciplinary, which can prepare the organization to react and respond in the right way.
The Business Continuity methodology is by nature interdisciplinary and has the objective to identify in advance the proper countermeasures to face any threat, including obviously the loss of sensitive data. From the development of a policy to the threat analysis and the implementation and test of plans, the methodology has all it takes for an organization to avoid being caught unprepared by any event, including GDPR.