Key industry sectors continue to raise the cybersecurity bar for their covered entities by developing increasingly demanding standards and operational expectations around cybersecurity and privacy. Governments are beginning to follow the lead of the EU’s General Data Protection Regulation (GDPR) to toughen privacy requirements and sanctions. Ankura expects to see compliance regimes become increasingly strengthened and penalties rendered more punitive. Understanding organizational cybersecurity and privacy compliance should be the concern of chief compliance, privacy and risk officers, general counsels, internal audit and board audit, risk and compliance committees – especially for regulations that require personally signed certifications of compliance and that could trigger cybersecurity directors’ and officers’ liability.
Ankura’s cybersecurity, privacy and data governance professionals provide expert independent assessments of clients’ compliance with, and audit readiness for, many of the most pervasive standards and regulations in key industries. We provide practical, no-nonsense roadmaps toward compliance validation and certification around these and other requirements: