There is a growing amount of personal information and data available on the internet that is accessible to an infinite number of businesses and organizations. In regard to this, there is something we must keep in mind: GDPR.

The General Data Protection Regulation (GDPR) affects all businesses in the European Union. It also affects businesses that offer services to EU citizens, monitor their behavior, or obligate them to give information extracted from data processors.

But, what will happen to the IT security sector once the BREXIT is in full swing?

The GDPR and Cybersecurity Post-Brexit

Two facts influenced the title of this article:

  • Businesses are currently immersed in a technological revolution. Cybersecurity has opened the door for Digital Transformation. In fact, 43% of company heads consider that security should be the first priority when implementing Digital Transformation. IT security is a true business value because businesses cannot be digital without first protecting themselves.
  • The Brexit: It is impossible to ignore the strong influence that the UK has had on the EU, especially in the cybersecurity sector. We cannot disregard the level of paternity that the UK has had in regards to cybersecurity laws, which mostly come from the European Convention on Human Rights (a humorous example of this can be seen in this Monty Python remake).


When summarizing the GDPR, there are three main points to keep in mind:

1- The baseline scenario for most organizations and companies larger than 250 employees in the EU: institutions who have successfully empowered employees with business silo information, who have implemented Big Data tools, and generated trillions of data files from productivity tools.

2- To fix the IT problem we need to take back control of the distributed information silo and comply with rules 12-21 of the GDPR (clear ownership, custodian and new specific accesses like the right to be forgotten, serious and proactive reporting of all data leakage and manipulation incidents, etc.) while satisfying the growing demand for digital transformation. This suggests that there is a greater distribution of business data that is both quick and automatic.

3- Lastly, we must place some importance on some of the technologies that have been implemented and personalized in different companies (Spain) over the last two years. The results have been positive with a different operational impact deriving from the GDPR based on intelligent threat platforms like Panda Adaptive Defense 360.pandasecurity-brexit-table

The future of GDPR after the BREXIT

These changes should be in full swing by mid-2018. It is uncertain how to anticipate the GDPR changes, especially when it comes to implementing operational changes related to cross-border data transfer. We hope this information is useful for people in IT roles who are up against similar situations. We will continue to look over the current regulations and wait for GDPR updates following the BREXIT. Stay tuned!

Author: Salvador Sánchez Taboada