The GDPR: Building A More Secure Digital Europe

Image of protected software on phone

We are now almost four years on since the GDPR was first introduced. At the time, it was cited to be one of the most profound changes to data protection laws globally, holding organisations directly accountable for the information they store, process and share. It was essentially one of the biggest changes we have seen since the 1998 Data Protection Act, and businesses all looked at how they could comply to avoid hefty fines.

However, in the world of technology, a lot can change within such a timeframe. Over the past two years, we have found ourselves amidst a global pandemic, something that no one could have predicted, but also something that has changed the way we work. We are now in the eye of a digital revolution that is bringing far-reaching change to our behaviours, our organisations, and our ways of life. The pandemic without a doubt marked a turning point in how businesses operate and laid bare our dependence on digital technology. But what does this mean for cybersecurity, how effective is the GDPR and how can European governments and IT leaders alike maintain digital sovereignty in the new global digital world?

Firstly, it is important to note that anything aiming to improve security and ensure more visibility and accountability when it comes to data is only a good thing, and a step in the right direction. We have seen companies around the world implement the controls necessary to comply, and we have seen enforcement actions start to come to light against companies that haven’t.

For many organisations, complying with the GDPR has forced them to take a hard look at their internal processes, with new ways of thinking and acting. For businesses, implementing a good cybersecurity strategy that puts data protection at its core is a must. One of the main accomplishments of the GDPR legislation is that businesses can no longer delay data protection. It has also brought more general awareness to just how valuable and critical data is. All of this together ensures a tighter data protection approach as we move forward.

In addition, the GDPR framework goes far beyond the realm of just privacy alone. It impacts many more aspects of IT and security such as data management, data protection, software development, and system administration. Ensuring data protection is now virtually everyone’s business, from backup and archiving to cloud migration and moving data to another area of the organisation. Everyone who handles sensitive information must do so with the utmost care.

One of the challenges this brings is that the GDPR legislation can often be seen as complex, confusing and challenging to implement. In addition, we are now faced with a new sea of change, brought on by businesses that rapidly digitalised their initiatives amidst the pandemic. We face new user behaviours, a remote working culture, and a tech-savvy generation which all bring new benefits but with it also challenges when it comes to digital businesses and data protection. The pandemic clearly showed that the GDPR is no longer suitable for all eventualities and situations, as the trend toward remote work increasingly blurs the boundaries between private and professional. It is becoming even clearer that regulations are unable to keep pace with today’s rapid innovation cycles. The challenge we have long had even before the GDPR was introduced is that legislation often comes afterwards. Technology advances at a rapid pace, but it can take months or even years to build out a policy or framework and pass it through to law, by which time it comes to fruition only when we are already facing a new challenge.

Data security must be practical, easy to understand and implement if we want businesses to thrive, remain agile but also have data protection at their core. After all, we don’t want global organisations to move away from working with European businesses and partners because they worry that complying with the GDPR will be too problematic. Data protection is and always should be considered a good thing to achieve.

Here, we need to look at data protection as working hand in hand with businesses to achieve their goals, rather than as a trade-off. After all, no business wants a data breach. However, we will get nowhere if we only focus blindly on solutions offering maximum data protection, without considering user experience and other just as important factors.

The good news is that there are solutions that support innovation and agile business models without jeopardising individual privacy, and they are continuously striving to deliver stronger, better solutions to the evolving ecosystem. The GDPR legislation was certainly groundbreaking in many aspects, and it created a global model mandating security. As we move forward and evolve, it is something that we should continually look to evaluate. We need to create and foster a positive cybersecurity culture that organisations across the world strive to achieve.

To create a truly secure digital Europe, we need to keep data security practices. This does not mean less security, but a set of principles and a culture that is easy to understand. We need to make it possible for users and companies to conform to data protection rules and security needs while remaining competitive at a global level. And we need to embrace a digital culture that turns the spotlight on the value of our data while applying pragmatic data protection and cybersecurity methods to guarantee added value, prosperity, and growth for the future.

Written by Axel Voss, Member of the European Parliament and Jean-Noël De Galzain, founder & CEO of WALLIX.

Is It Time for a VMware Alternative?

Wind River • 22nd May 2025

Companies have options when it comes to replacing VMware as their cloud platform, to address rising costs, support concerns, and a shrinking partner ecosystem. If you are ready to contemplate a different vendor, here are five reasons why Wind River Cloud Platform should be on your short list of VMware alternatives.

AI Leads as VivaTech Unveils Top 100 Startups

Viva Technology • 14th May 2025

Viva Technology has unveiled the first edition of its “Top 100 Rising European Startups for 2025,” spotlighting the most promising young companies shaping Europe’s tech future. Germany, France, and the UK lead the ranking, which highlights high-growth startups across 13 countries. Artificial intelligence dominates the list, with 15 companies spanning AI agents, models, and infrastructure....

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...

The need to eradicate platform dependence

Sue Azari • 10th March 2025

The advertising industry is undergoing a seismic shift. Connected TV (CTV), Retail Media Networks (RMNs), and omnichannel strategies are rapidly redefining how brands engage with consumers. As digital privacy regulations evolve and platform dynamics shift, advertisers must recognise a fundamental truth. You cannot build a sustainable business on borrowed ground. The recent uncertainty surrounding TikTok...