GDPR coming into effect on May 25th 2018
Privacy by design will be a legal obligation within GDPR regulations. Security systems are IT systems and security systems hold PII. Consultants, designers and specifiers will have an obligation to design systems taking into consideration IT security from bottom up.
Specifying a system that doesn’t comply with legislation, will make them accountable for any fines that are levied with a maximum fine of4% of the end user global turnover!
As everyone becomes accountable throughout the design the evaluation of the supply chain has never been so important and with so many vulnerabilitiess recently been exposed and poor process to rectify surely this should be a major concern for any professional security people ??