Your company is expanding its operations to a new region with strict data protection laws that differ significantly from those where your headquarters is located. What is the most important first step your security governance team should take to ensure compliance with the new region's legal requirements?
Implement an advanced encryption protocol to secure all data in transit and at rest within the new region.
Mandate that all employees complete a new security awareness training immediately.
Apply the same security policies from the headquarters to the new region's operations without modification.
Review and align the security policies with the local/regional legal requirements.