Salted Hash Ep 28: GDPR deadline fast approaches

This week, we skip a few episodes to talk about GDPR with Greg Reber.

The deadline for the General Data Protection Regulation (GDPR) is almost here.

No. You're not seeing things; this week's episode is four shows ahead of last week's episode of Salted Hash.

We're publishing early so we can talk with Greg Reber, the founder and CEO of AsTech Consulting, about GDPR and some recent questions we had. But don't worry, we'll be back to our normal schedule next Tuesday.

During our trip to the RSA Conference last month, Salted Hash learned some interesting things when it comes to web-based marketing efforts and the regulation itself.

GDPR, is a tough nut to track, because almost everything you can imagine is covered under it. Names, addresses, ID numbers, IP records, health and other bio-metric data, even political data, are all considered protected data under GDPR.

It's been a few months since we last spoke to Reber, episode 20 to be exact, so we had a few follow-up questions. Are organizations better prepared? No, unfortunately, as "most U.S. organizations" are not ready for GDPR he said.

We also asked about cookies. Are cookies, as they relate to direct marketing, covered under GDPR? Yes, they are. In fact, consumers will have to opt-in to direct marketing campaigns.

The problem of preparing for GDPR by hiring a lawyer is still an issue Reber said, which isn't the right way to go about something like this.

The best way to prepare (and avoid fines by showing good-faith efforts to comply) is to know what types of data exist on your network, where said data lives, and where it goes as it enters and exits your control.

If you haven't seen it, CSO's Michael Nadeau has been following all things related to GDPR and covering them extensively.

Copyright © 2018 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)