Every year, we’re told, is going to be the “Year of Data Security,” the year when everyone starts to recognize the importance of protecting data and securing information. That prediction is about as helpful as saying that this will be the year when everyone obsesses over a different meme each month – it’s both obviously correct and so overly broad as to mean very little. We hear it, maybe agree with it, and then go back to whatever we were doing. Same old, same old.

But the same old routine can’t last for much longer, especially when it comes to data security. If 2017 was an active year (Equifax, Yahoo, Verizon, Uber, etc), it is likely to be little more than prologue to 2018. Federal agencies and state governments are issuing data security regulations at a furious pace, and are becoming more aggressive in pursuing actions. There seems to be a new data breach lawsuit every week, and a new multimillion-dollar settlement.

This year is unique, if for no other reason, because the European Union’s General Data Protection Regulation (“GDPR”) goes into effect on May 25, and it will apply to many U.S. businesses, whether they’re aware of it or not. The penalties for noncompliance are stiff – up to €20,000,000 or 4% of global revenue, whichever is higher.

The common theme in all of this is that businesses can’t do what they’ve always done and expect to remain competitive. A data breach not only invites investigations and lawsuits, it drives customers away and cuts market value. Success in this environment isn’t just survival of the fittest; it’s survival of the smartest.

So the question is, are you DataSmart?