What is GDPR?
The European Union’s (EU) General Data Protection Regulation (GDPR) creates additional security and privacy obligations for organizations to comply with. All organizations, including those outside of the EU that hold data on European citizens, need to review their obligations under GDPR.
The General Data Protection Regulation goes into effect on May 28th, 2018
You have to ensure compliancy.
Addressing GDPR Requirements
Failing to comply with GDPR can be costly with fines up to €20 million or 4% of annual worldwide turnover. You can’t afford to wait.
Addressing the requirements may differ by organization, however the general requirements include:
- Data protection by design, requiring organizations to include data protection considerations in their initial process and/or product rather than as an afterthought.
- Greater emphasis on accountability and transparency, requiring organizations to document their cybersecurity processes from prevention to incident response.
- Mandatory reporting of data breaches, requiring organizations to report a breach to the relevant supervisory authority within 72 hours, and to also inform affected customers.
- Failing to comply with GDPR can be costly with fines up to €20 million or 4% of annual worldwide turnover. You can’t afford to wait – enforcement starts in May 2018, but you need to start preparing today.
Technology alone won’t keep you GDPR compliant.
As GDPR approaches, many organizations are looking for technology to provide them with the quick and easy answer. Organizations who leverage layers of security solutions often struggle to understand the gaps that allow advanced threats like ransomware to leak through. Pure technology solutions also fail to detect unknown threats that don’t have existing signatures or rules.
A data protection plan that extends beyond technology is critical to securing a realistic and actionable strategy for GDPR compliance.
A comprehensive approach to GDPR compliance.
Understand where you are and where you need to be.
Our team will work with you to evaluate your current processes, aligning them to GDPR requirements by identifying gaps and appropriate solutions. Areas of focus include:
- Understanding the information you hold, documenting how it is collected and how it is held
- Determining the repercussions of data loss
- Understanding what data falls within a notification requirement if a breach should occur
- Reviewing technical defense methodology and identifying gaps
- Providing appropriate documentation to support existing approaches
Cyber threats are unique. Your cybersecurity defences should be too.
eSentire Managed Detection and Response (MDR) keeps organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Our 24x7 Security Operations Center (SOC) is staffed by elite security analysts who hunt, investigate and respond in real-time to known and unknown threats before they become business disrupting events.
An alert without action won’t help you.
In our world, seconds matter. Our approach to micro-incident response ensures attacks are addressed before they become business disruptions. Our hunt teams are vigilant, constantly investigating new threats in real-time. When they find one, our SOC investigates and responds on your behalf as an extension of your team.
Cyber-attacks change, but our core mission remains constant: a customer’s network can never be compromised.
GDPR – The Countdown is On.
A comprehensive approach to realizing GDPR compliance.
Listen as eSentire’s VP & Industry Security Strategist, Mark Sangster and Damien Young, Partner at Philip Lee, review tools that will help you map your current approach to GDPR requirements and help you gain an understanding of your unique areas of risk.
Gartner had identified managed detection and response (MDR) as the next evolution of threat monitoring and incident response services.
Keeping up with the latest cybersecurity services and technologies can be challenging. Learn what to look for when evaluating MDR providers.
Learn about the long-term impact of WannaCry and how to protect your organization against future attacks.