Challenges of Law Compliance in the Data Security Arena
PrimeSec CEO Or Lavi served in a commanding role in the 8200 army reserves unit, where he gained his first hands-on experience in managing Information Security and Data classifications. He is a certified lawyer (LL.M) with expertise in law and technology aspects from the Bar Ilan University, and has over 15 years of experience in the field of IT, information security and related regulatory aspects. After several years in the hi-tech industry, he decided to go back to his origins and founded PrimeSec, a consultancy firm that helps organizations to align their security needs with local and global privacy regulations and standards.
What can you tell us about the PrimeSec team?
At PrimeSec, we believe that service should be conducted in the field and not just theoretically. The company’s managers and employees are all academically educated and highly experienced in the fields of law and computer sciences, well versed in information security and management of regulatory and technological enterprises. They specialize in consulting, integration and risk management in multiple sectors of the economy, from large scale corporations to small businesses, while creating a ‘Custom-Made Suit’ for the organization's characterization and risk handling.
PrimeSec provides both technological and legal consultation. How do the two coincide?
As a lawyer and a programmer, and later a project manager, I was the "mediator" between business and IT staff and I realized that a good organization should find the common language between those two leading units. The company's knowledge combines the world of regulation and law with the world of IT and technology; it allows PrimeSec to provide professional consultation in matters of complying with the various regulations, while considering the technological complexity in each organization individually.
What are the regulatory challenges that organizations and corporations are facing today?
Over the past year, we have been focusing on the implementation of new Cyber Regulation in the Capital Markets (Insurance, Funds), and two minor regulations in the municipal water sector and the Public Transportation sector.
In the first case, the new regulation has changed a former one, shifting the focus from Data Classification as a main risk, to adopting best practices of handling data in the Cybersphere.
The big challenge is to uncover the new threats while updating working methodologies to address these new regulations, all within a very short time span of one year.
In two other sectors the challenge is to implement information security and Cyber risk assessments in organizations which did not invest in this field previously or which only used minimal resources. Therefore, the aim of our work with such organizations is to establish effective Information Security Systems and manage them in the long run.
Please give us an example of a problematic regulation concerning data security?
The Israeli Privacy Protection Act was legislated in 1981 and has not changed since, although technology and data accessibility have changed dramatically. In many instances, the act uses terms which are no longer relevant, while no clear instructions are specified for the use of up-to-date technologies and devices. This makes compliance very challenging, and results in entire sectors remaining completely exposed to data leakage.
What best practices would you recommend for technology companies seeking to secure themselves from legal disputes?
A high percentage of information security events that occurred in recent years happened due to the lack of knowledge and awareness of employees. Therefore, in order to fight and eradicate the risks arising from the human resources within the organization, PrimeSec sees an urgent need in raising information security awareness by building structured education methodologies. Implementing information security measures is not only technological, but a change in the entire approach of the organization.
The consequences of information security events are immense, and may include reputational damage, leading to a loss of customers and a lowered market share, thus imposing major financial risks.
How do you see the future of global information security regulations?
From my perspective, forthcoming global regulations will prioritize Data Privacy, with specific emphasis on addressing Data Mobility and the utilization of cloud environments. Additionally, Cybercrime is an area of international concern, as these crimes are frequently supported or sponsored by governments and politically motivated entities. To effectively combat economically motivated hackers, collaboration among various stakeholders, including both public and private sectors, is necessary.