Specialist providers such as cloud access security brokers (CASBs) are increasingly offering machine learning to detect network anomalies, unauthorized access, abuses of system access credentials, and unauthorized data exfiltration attempts. As with analyzing data on an unprecedented scale, this approach is adaptive, continuously allowing the analysis of user behavior and anomalies against pre-defined conditions that can be adjusted later. This will enable organizations trading with the EU to benchmark and adapt permitted network behaviors, and sound the alarm on abnormal ones.
No team of IT suppliers yet provides a complete GDPR compliance solution, but machine-learning breakthroughs from CASBs are giving organizations the power to set up enterprise-wide sanctioning and control of cloud applications - and these services are becoming available to CIOs as flexible, managed services. GDPR compliance is looming large, but smart organizations have the potential to transform their network visibility and data processing capabilities, which will enable them to unequivocally accept third-party cloud services in the future. Such a strategy is possible today by adopting a "data access and security first" mindset.