U.S. companies spending millions to satisfy Europe's GDPR | CIO: Short of a catastrophic breach, there may not be a better business case for U.S. companies operating in Europe to fortify their cybersecurity and risk management portfolios than the GDPR, which regulators will implement on May 25, 2018 to ensure data protection for individuals within the European Union (EU).