EU GDPR Troubles with Big Data and IOT


Upload: steven-meister

Post on 22-Mar-2017


Category:

Data & Analytics



TRANSCRIPT


EU General Data Protection Regulation troubles, fines and jail are assured – now add IOT to the threat and be assured of even bigger troubles for company longevity.

BigDataRevealed has already thought through these issues and has the two needed solutions.

The stated and researched issues and exposures according to some Experts:

The Rise of Cyber-Overconfidence in C-Suite

December 2016

RedSeal polled 200 CEOs about their confidence in their companies’ cybersecurity posture, and discovered they are dangerously unrealistic about how vulnerable they are. In fact, more than 80 percent display “cyber naiveté,” allowing their global organizations to be exposed to massive cyber-attacks.

Key Findings

CEOs’ Perceptions and the Realities of Cybersecurity are Very Different

• Perception: More than 80% of CEOs are very confident in their firm’s cybersecurity strategies.

• Reality: Security incidents have surged 66% year-over-year since 2009 according to PricewaterhouseCoopers’ 2017 Global State of Information Security Survey. PWC’s 2015 Global State of Information Security Survey projected that losses from cyber-attacks will jump from $500 billion in 2014 to more than $2 trillion in 2018.

LEXOLOGY - GDPR and the Internet of Things: 5 Things You Need to Know

European Union, Ireland, May 26 2016

Companies who operate in, or are contemplating entry into, the Internet of Things ("IOT") field should be aware of upcoming changes to the EU data protection regime, which will apply from May 2018 and may have a significant impact on their business model and the design of their products, processes and devices.

The General Data Protection Regulation ("GDPR") came into force on 24 May 2016 and will apply from 25 May 2018. The GDPR will introduce developments to a number of areas of EU data protection law that are likely to have a direct impact on the way device manufacturers, application developers, social platforms and other entities involved in the IOT field design, devise and bring to market IOT-based devices, systems and applications.

GDPR Risks and "Data Science", IAPP

The term data science describes a process from data discovery, to providing access to data through technologies such as Apache Hadoop (open source software for large data sets) in the case of Big Data; and distilling the data through architectures such as Spark, in-memory and parallel processing. That data science creates value is understood. What isn’t are the risks it exposes investors to under the GDPR, of which there are principally three:


The following are 5 key changes of particular relevance to the IOT:

1. Security breaches

One of the principal privacy concerns that have been expressed in relation to IOT devices is that they provide soft targets for hackers and are susceptible to security breaches. The GDPR will introduce a general mandatory notification regime in the event of personal data breaches. Data controllers will be required to report personal data breaches to their supervisory authority no later than 72 hours after becoming aware of such breach and, in some cases, will also be required to report such breaches to affected individuals. Data controllers using the IOT will need to ensure that they are in a position to identify and react to security breaches in a manner which complies with the requirements of the GDPR.

2. Consent

Doubt has been expressed about the ability of IOT devices, even under the existing EU data protection regime, to obtain consent of sufficient quality from users of such devices in relation to data processing activities. The GDPR will tighten the existing requirements in relation to data subject consent, requiring data controllers to demonstrate consent has been given by way of a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of his or her personal data. The GDPR provides that consent cannot be presumed through the inaction of the data subject and that consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.

3. Privacy by design and privacy by default

Privacy by design and privacy by default are concepts which exist in current data protection legislation, but the GDPR will put these concepts on a firm legislative footing. It will impose obligations on data controllers to adopt significant new technical and organizational measures to demonstrate their compliance with the requirements of the GDPR. These may include conducting data protection impact assessments in certain circumstances which are likely to arise in connection with IOT systems.

4. Enhanced data subject rights

The GDPR will confer new substantive rights on data subjects in relation to their personal data. These substantive rights include an express right to be forgotten, data portability rights and the right to object to automated decision making.

Thought will need to be given in the design of IOT devices, applications and systems as to whether the necessary capabilities have been built-in to facilitate the exercise of these data subject rights in compliance with the GDPR, particularly in relation to data portability.

5. Processing Personal Data relating to children

The GDPR will make it impossible for children under the age of 13 to consent on their own behalf to the processing of their personal data in relation to online services. For children between the ages of 13 and 15 (inclusive), the position will depend on legislation in each Member State (although the default position will be that children between those ages will not be able to give consent on their own behalf). These provisions pose challenges for those intending to bring to market IOT devices that may be used by children, both in relation to the feasibility of introducing parental/guardian consent mechanisms to the devices and in relation to the ability to market such devices at an EU-wide level, given that the law relating to children between 13 and 15 may not be uniform across all Member States.

Separately, it is also worth noting a more immediate development in the IOT field: the "GPEN Sweep" study on IOT, which is being coordinated by the Global Privacy Enforcement Network. The Irish Data Protection Commissioner has announced that it, along with 28 other data protection authorities around the world, will participate in the GPEN Sweep, which will examine how IOT devices use personal data and communicate such use to customers. The results of the GPEN Sweep are expected to be published in September.


BigDataRevealed has already thought through these issues and has the two needed solutions.

1. What has already found its way into your Data Lake in the form of Personally Identifiable Information, Banking, Insurance, Credit Card and other forms of Personal at Risk Data can be Discovered and Sequestered/Encrypted at the scaling speeds of Hadoop, eliminating your existing exposures to the EU GDPR and US Banking Regulatory Risks, HIPAA and other Regulated Data.

2. BigDataRevealed-IOT now applies the same sophisticated, Collaborative and built-in libraries to Discover PII and at-Risk Data while In-Memory, and protects and Encrypts your at-Risk data before it gets written into your Data Lake, eliminating the pollution of your Data Lake and the exposure of sensitive data to outside hackers as well as to staff who are not authorized to see this data.

3. BigDataRevealed has been built from the bottom up using all the current Apache Hadoop technologies, Eco-System, Architecture and scalability, allowing for Implementations and delivery of results on day one. BigDataRevealed has also thought through how companies process ETL, BI and Predictive Analytics, Handle IOT and use third party technologies. BDR is architected for third party applications to make RESTful API calls from within their processes when applicable and necessary to meet the client's needs.

Start your FREE data analysis process now!

Contact: Steven Meister at 847-791-7838, email: [email protected].

For a little taste of BigDataRevealed Sequester/Encryption: https://youtu.be/MSEnKyQGfaA

Our big data protection capabilities of our intelligent catalog provide the necessary arsenal to protect Hadoop from hackers.pdf