Would you buy a new car today without ABS-brakes, airbags and safety belts?
Of course no, you wouldn’t buy a new car like this if it were available on the market. An old vintage model perhaps, but not a new car.
An in most developed markets, it wouldn’t be legal to sell cars like that. You need to design a new car today that helps the driver to avoid accidents, and if there is an accident, minimise the damages for driver, passages and others.
When you implementing new IT-systems, do you think about your personal safety for your customer and employees?
Is the system you developing, the system you are buying or the cloud solution you look at design with privacy in mind? If not, you are probably breaking article 25 in GDPR, Privacy by Design and Privacy by Default.
You will neither be able to use privacy as a commercial advantage in your products and services if you don’t are proactive when designing them.
Third, by not designing for privacy, you will insure a technical debt that will be costly to fix afterwards, and the cost for major security incidents could be very high, and even risk the whole company.