One of the biggest stories in cybersecurity over the past year is the European Union’s new data protection measures. The General Data Protection Regulations (GDPR) took effect on May 25, 2018, and applies to any company that collects and/or processes data from individuals residing in the EU. GDPR comes with steep penalties for noncompliance, including fines of up to 4 percent of global revenue, or sanctions preventing companies from continuing associated operations. Following the guidelines in the GDPR has understandably been a top concern for many organizations.