Enterprise Security Tech: GDPR Fourth Anniversary – Experts Share How Far We’ve Come and What We’re Still Missing
On May 25, 2022, NetSPI Managing Director, Steve Bakewell, was featured in an article in Enterprise Security Tech called Experts Share How Far We’ve Come and What We’re Still Missing. Preview the article below, or read the full article online.
+++
May 25 marks four years since the introduction of GDPR, a law that completely transformed how organizations collect, store and protect user data. We heard from cybersecurity and privacy experts on how GDPR impacted the industry and their current thoughts on the law today and how it might impact the future.
Steve Bakewell, Managing Director EMEA, NetSPI
“On the fourth anniversary of the GDPR, it’s fair to say the legislation has impacted both consumers and companies alike. Consumers are more aware of the value of their personal data and how companies collect and use it, which is increasingly informing the choices they make as well as the brands and services they trust. Data breach notification rules have increased transparency and cookie warnings are everywhere, yet remain inconsistent. This lack of consistency is being addressed by the EU within its wider ePR (ePrivacy Regulation) update, which serves as an example that regulations tend to change over time.
Companies have done a lot of work to bring their systems and processes inline with the GDPR, but it is a continuous exercise. In the same way regulations change, so does technology. For example, the increasing uptake in cloud services has resulted in more data, including personal data, being collected, stored and processed in the cloud.
Moving forward, companies should be confident they have mapped out the data lifecycle for the organisation, including what it is, where it is, how it is collected, stored, processed and deleted. Understand and implement both privacy and security requirements in systems handling the data, then test accordingly across all systems, on-prem, cloud, operational technology, and even physical, to validate controls are effective and risks are correctly managed.”
Read the full article online.
Explore More News
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.