We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Challenges of Law Compliance in the Data Security Arena

Ditsa Keren Technology Researcher

PrimeSec CEO Or Lavi served a commanding role in the 8200 army reserves unit, where he gained his first hands on experience in managing Information Security and Data classifications. He is a certified lawyer (LL. M) with expertise in law and technology aspects from the Bar Ilan University, and has over 15 years of experience in the field of IT, information security and related regulatory aspects. After several years in the hi-tech industry, he decided to go back to his origins and founded PrimeSec, a consultancy firm that helps organizations to align their security needs with local and global privacy regulations and standards.

What can you tell us about the PrimeSec team?

At Primesec, we believe that service should be conducted at the field and not just theoretically. The company’s managers and employees are all academically educated and highly experienced in the fields of law and computer sciences, well versed in information security and management of regulatory and technological enterprises. They specialize in consulting, integration and risk management at multiple sectors of the economy, from large scale corporations to small businesses, while creating a ‘Costume Made Suite’ to the organization characterization and risks handling.

PrimeSec provides both technological and legal consultation. How do the two coincide?

As a Lawyer and a programmer, and late project manager, I was the "mediator" between business and IT staff and I realized that good organization should find the common language between those two leading units.  The company knowledge combines between the world of regulation and law and the world of IT and technology; it allows Primesec to provide a professional consultation in matters of complying the various regulations, while considering the technological complexity in each organization individually.

What are the regulatory challenges that organizations and corporations are facing today?

Over the past year, we have been focusing on the implementation of new Cyber Regulation in the Capital Markets (Insurance, Funds), and two minor regulations in the municipal water sector and the Public Transportation sector.

In the first case, the new regulation has changed a former one, shifting the focus from Data Classification as a main risk, to adopting best practices of handling data in the Cybersphere.

The big challenge is to uncover the new threats while updating working methodologies to address these new regulations, all within a very short time span of one year.

In two other sectors the challenge is to implement information security and Cyber risk assessments in organizations which did not invest in this field previously or which only used minimal resources. Therefore, the aim of our work with such organizations is to establish effective Information Security Systems and manage them in the long run.

Please give us an example of a problematic regulation concerning data security?

The Israeli Privacy Protection Act was legislated in 1981 and has not changed since, although technology and data accessibility have changed dramatically. In many instances, the act uses terms which are no longer relevant, while no clear instructions are as specified for the use of up-to-date technologies and devices. This makes compliance very challenging, and results in entire sectors remaining completely exposed to data leakage.

What best practices would you recommend for technology companies seeking to secure themselves from legal disputes?

A high percentage of information security events that occurred in recent years happened due to the lack of knowledge and awareness of employees. Therefore, in order to fight and eradicate the risks arising from the human resources within the organization, Primesec sees an urgent need in raising information security awareness by building structured education methodologies. Implementing information security measures is not only technological, but a change in the entire approach of organization.

The consequences of information security events are immense, and may include reputational damage, leading to a loss of customers and a lowered market share, thus imposing major financial risks.

How do you see the future of global information security regulations?

From my perspective, forthcoming global regulations will prioritize Data Privacy, with specific emphasis on addressing Data Mobility and the utilization of cloud environments. Additionally, Cybercrime is an area of international concern, as these crimes are frequently supported or sponsored by governments and politically motivated entities. To effectively combat economically motivated hackers, it necessitates collaboration among various stakeholders, including both public and private sectors.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback