The deadline for complying with the European Union’s General Data Protection Regulation (GDPR) is approaching fast. According to Bryant G. Tow, Managing Partner of CyberRisk Solutions LLC, the buzz in the cybersecurity industry is that auditors plan to come out “hot and heavy” to make examples out of companies that aren’t in GDPR compliance.
As a value-added reseller (VAR) doing business in the United States, you may think GDPR doesn’t apply to you, but, according to Business Insider, it not only will impact EU member states, but also any business that collects EU citizens’ data. Tow says that includes vendors or vendor solutions with locations or employees in the EU.
“If you use a supplier or have a business partner that falls under GDPR requirements, have any technology touchpoints or any integration with them at all, that partner will expect you to be GDPR compliant,” Tow explained. “We actually are seeing businesses requiring other businesses to be compliant from a risk management and prevention perspective. It’s not just the regulators who are preparing.”