Today, Data security has become crucial for any business or government in the world. Understanding where threats come from and what are the physical, technical and administrative means to counter them are at the basis of any business strategy.
Cybersecurity therefore plays a crucial role in the broader framework of business risk management. However, it is only recently that companies have become fully aware of its importance. This happened thanks to the introduction of the European GDPR regulation and, above all, due to the increasingly frequent succession of cyber attacks of growing technical and organizational complexity, which have highlighted serious vulnerabilities in public, private and even governmental organizations. The driving force of this new attitude is the change in the consumption of IT services (mobile devices, IoT, Cloud, etc.) and the consequent breakdown of the so-called "IT security perimeter".
To make data protection safer and more efficient, the EU Regulation 2016/679 (GDPR) has introduced the figure of the Data Protection Officer (DPO), also known as Data Security Manager. Starting from May 25, 2018, following the entry into force of the European GDPR regulation, it has become mandatory for companies to have this new professional figure, which can either be selected among its employees or be an external and independent freelancer.