VMblog: 4 Years of GDPR: Expert Commentary Shared
On May 25, 2022, NetSPI Managing Director, Steve Bakewell, was featured in an article in VMblog called 4 Years of GDPR: Expert Commentary Shared. Preview the article below, or read the full article online.
+++
Wednesday, May 25th marks the four year anniversary of the EU-wide General Data Protection Regulation (GDPR) enforcement. It comes as a timely reminder to all of us about the importance of data privacy as an increasing number of cyberattacks continue to take place.
To commemorate the milestone during this anniversary period, a few industry experts from various companies have shared their expertise and thoughts with VMblog.
Steve Bakewell, Managing Director EMEA, NetSPI:
“On the fourth anniversary of the GDPR, it’s fair to say the legislation has impacted both consumers and companies alike. Consumers are more aware of the value of their personal data and how companies collect and use it, which is increasingly informing the choices they make as well as the brands and services they trust. Data breach notification rules have increased transparency and cookie warnings are everywhere, yet remain inconsistent. This lack of consistency is being addressed by the EU within its wider ePR (ePrivacy Regulation) update, which serves as an example that regulations tend to change over time.
Companies have done a lot of work to bring their systems and processes inline with the GDPR, but it is a continuous exercise. In the same way regulations change, so does technology. For example, the increasing uptake in cloud services has resulted in more data, including personal data, being collected, stored and processed in the cloud.
Moving forward, companies should be confident they have mapped out the data lifecycle for the organisation, including what it is, where it is, how it is collected, stored, processed and deleted. Understand and implement both privacy and security requirements in systems handling the data, then test accordingly across all systems, on-prem, cloud, operational technology, and even physical, to validate controls are effective and risks are correctly managed.”
Read the full article online.
Explore More News
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.