With a record number of highly publicized career-ending data breaches, it has been a difficult time to be a CIO / CISO over the past 12 months, and there are no signs of things getting easier in the near future. The industry is facing the coming together of two key trends in data security: stronger regulatory requirements from authorities across the globe, and increasing levels of sophistication shown in the tactics of malicious hackers. Regulations such as GDPR in the EU and HIPAA in the US healthcare industry have redefined what is considered a data breach, and the threats to businesses are increasingly involving human targeting and social engineering to gain access to valuable personal data.