Privacy, and the GDPR in particular, has captured the headlines in recent years, but it is only one element of a much larger legal and operational landscape that can expose companies (and their officers) to significant risk. Guy Sereff and Erin Eiselein discuss some often overlooked information security issues that companies should be focusing on to ensure compliance and minimize risk in this dynamic landscape.