Software AG is broadening its digital business platform to include data protection management. This significant capability is made possible by a new partnership with DP Governance Limited, a London-based company with unparalleled expertise in the field of data protection. This new data protection capability is now available to Software AG clients worldwide.
DPG developed the only single point analysis of technical vulnerability, business process weakness and potential legal non-compliance – the three key drivers for total data security. This unique methodology provides the organisation with a comprehensive view of its risk profile, and not the narrow scope of ‘’cyber’’ and ‘’technology”.
Michiel Jorna, global industry director – digital risk, Software AG: “The fast-evolving sophistication with which artificial intelligence can search, monitor, generate, share and retain information means that smidgeons of organisational information can be mined, collected and used by nefarious individuals and entities.
These data breaches can have a serious impact on organisations – in terms of loss of records, operational failures, dwindling customer trust, cost of phishing, and intellectual property loss. On top of this, regulators now have significant scope to levy fines on companies, which do not possess appropriate data protection measures. Litigators are already taking legal action against organisations that suffer any data breach.”
Due to come into effect on May 25th, 2018 is the new EU GDPR (General Data Protection Regulation), which has significant implications for all organisations processing EU citizen data. Regulators can impose fines of up to 4% of a company’s global turnover.
While the United States does not have a Federal Privacy (data protection) law, there are more than 20 privacy and security laws along with hundreds of individual State laws. In the US alone, there has been a marked increase in class actions in the past year against companies, which suffered a data breach, with the potential for massive fines and senior executive resignations. But perhaps the greatest concern is that of brand erosion and share price impact, where typically a massive drop in a quoted companies share price after a breach becomes public, is an equal deterrent (note, for example, the recent data breach at Equifax, where it was reported that 143 million people’s data was compromised and that the company still appears unable to reassure its customers that their data has not been hacked).
Nick Alexander, chief executive officer at DPG, said: “In trying to deal with the complex data protection issue, businesses must design and implement data protection plans focused on risk management and minimisation to provide oversight of all its operations including the full range of all its evolving data.In trying to alleviate this acute pain point, DPG developed a fully comprehensive and analytical software-driven methodology that enables any organisation to monitor its entire business architecture. It understands and assesses, on an ongoing basis, which failings are likely to lead to data breaches and/or where major non-compliance issues reside”.
The combined Software AG and DPG data protection solution comprises three steps:
- Step One – Analysis: Deployed via simple-to-use software, the DPG Pathfinder® interrogates six key business areas across 85 business processes and includes 3,500 questions. This extensive and valuable analysis captures how data, infrastructure, and relationships are managed to ensure they meet data protection requirements and to help decrease the likelihood of a data breach. Most importantly, through the use of unique algorithms and DPG’s knowledge of business process weakness, this step enables those responsible for data protection to identify gaps and possible liabilities including, for example, coverage against GDPR’s introduction in Europe next year.
- Step Two – Transformation: The results of the DPG Pathfinder® analysis maps seamlessly into Software AG’s B&ITT (Business and IT Transformation) platform – a core component of the Digital Business Platform. This unique combination of Business Process Analysis, Governance Risk & Compliance, Enterprise Architecture Management and IT Portfolio Management capabilities enable organisations to transform both business processes and application systems, and gain insights in to any potential risks or data breaches, and most importantly to provide evidence of regulatory compliance.
- Step Three – Sustainability: An important component of data protection management is that it is not an end in itself, but rather the beginning of an ongoing and continuously improved process. The Software AG Digital Business Platform capability for Data Protection in areas such as GDPR enables an organisation to continue to maintain its understanding around movement, use and guardianship of its data as well as keep abreast of the latest regulatory changes and updates.