A regulation about how companies protect EU citizens' personal data.

Its aim

To better protect the processing and movement of personal data.

Who is affected?

Any business handling EU citizens' personal data must be compliant. Global scope

The main components

Data Quality (Privacy by Design)
Confidentiality (Simple Consent)
Limited Access (Data Processing Responsibilities)
Security Safeguards (Individual Rights)


Breathtaking - companies not compliant face fines of 20 million euros or 4% annual revenue.

Size of opportunity

Big. Every single business has to be compliant

What services should I be providing?

Cyber security and data protection services will be at a premium.

Is there a skills gap?

Inevitably. It's predicted that the world will face a shortfall of 1.8 million experts in the field by 2022 to keep up with the pace of cyber attacks*

How to bridge the gap?

Employ white label services from an experienced and accredited professional services company.

What do they do?

A discovery workshop to assess GDPR readiness. Identifies your customers' security culture, policies and controls and assesses the risk. Result is a gap analysis report.


Revenue from offering assessment skills. Enhances portfolio. Secures business. Maintains business.
Discussion about how to leverage IT to be compliant. Product sales.

*Survey of 19,000 cyber security professionals by the Center for Cyber Safety and Education