It is easier to be sure security and privacy controls are suitable and justified when data has long been classified and flagged as Individually identifiable facts (PII). Retailers may be needed to go through (and purchase) an evaluation to make sure that they’ve enhanced their security, which we’ll discuss in https://tefwins.com/nathan-labs-advisory-empowering-cyber-security-with-aramco-certification-in-saudi-arabia/