Keeping Up with Ever-Changing Privacy Regulations

Trying to keep up with ever-changing privacy regulations may feel like running on a treadmill; sure, you’re moving — but you aren’t getting anywhere.’s CTO & Founder, Itzhak Assaraf, discusses a solid strategy for dealing with this constant change. Data and Privacy Regulations: The Ultimate Moving Targets Keeping on top of something that never […]

It’s Time to Organize—How to Inventorize Your Mess of Data


When was the last time you tried to inventorize your closet?  Inventorizing (or organizing, in plainspeak) your closet can be a frightening proposition; lots of clothes, all in the wrong places, some in boxes with labels, some in boxes without labels, some labeled incorrectly altogether.  Oh, and don’t forget about the clothes that made their […]

The Who, Why and What’s in It for Them of Successful Data Privacy Programs

compliance map data privacy gdpr

You know what’s hard work? Building a successful data privacy program, that’s what. As consumers, we are very grateful for privacy laws like GDPR and CCPA, which put power back into the hands of the rightful data owner. But let’s be honest: as data professionals, these laws are often the source of a whole lot […]

Dear CISO: Who is Responsible for the Privacy of Data Subjects?

CISO data privacy protected gdpr ccpa analysis

In Theory: The legal team/DPO should lead the privacy policy as well as manage direct interaction with data subjects, such as DSAR management. Security should lead the implementation of the privacy policy, including how to create, monitor, and protect the organization’s personal data inventory. In Practice: CISOs have the knowledge, tools and business processes in […]

SD Times: A new approach to personal data discovery

sd news

Why do we seem to emulate the ostrich and put our heads in the sand when it comes to personally identifiable information (PII) discovery? Every other technology throughout history that I can think of has undergone multiple phases of evolution, including anti-virus, perimeter security, cell phones, the car – I could go on. So please […]

Dear CISO: Partial Inventory is No Inventory at All

GDPR started it and others followed. Unlike with other sensitive data assets that we as CISOs need to manage, it’s now quite clear what is expected of us regarding personal data. After analyzing all these expectations (more like requirements) and merging them into practical actions, the only practical solution is to create a central and […]

Dear CISO: Where to Look for Personal Data

GDPR, effort, sensitive data subjects, overview, database, management

   For part 2 of the “Dear CISO” series, click here. Inventorize Your Personal Data Dear CISO,  It has come to my attention that recent regulations require us to manage personal data in a very specific way. I trust that the security teams that report to you are now managing sensitive data such as our […]