The 5 Cyber Security clauses within GDPR

The GDPR is a regulatory framework for data protection and privacy. It came into effect in the EU, including the UK, on 25 May 2018 and was subsequently incorporated into UK law post-Brexit to create a substantially similar UK version. GDPR contains 99 Articles covering virtually every aspect of business and information management – from the consent to collect and process information, to the “right to be forgotten”. Importantly for global businesses (including those outside the EU and UK), the GDPR is supra-national, so any business that processes the data of EU or UK citizens will fall under its remit.

For cyber security professionals, the drive for data protection and information management is not new, although the level of detail, the data breach notification requirements and the fines in GDPR demand a lot more focus. There are five individual articles that have specific cyber security implications:

How to comply with the 5 cyber security articles of GDPR

For security monitoring and operations in GDPR-compliant businesses, there is increased focus on both prevention and avoidance of security and privacy breaches. Further, it is imperative to be able to respond quickly when a problem does occur, understand it and take action. The 72 hours allowed to notify the regulator is accompanied by an expectation that affected data subjects will, in certain cases, be communicated with promptly. As a minimum, businesses handling personal data will need to:

  • Continuously monitor evidence and records around data transactions and breaches with comprehensive collection, processing and storage of activity logs;
  • Detect and respond to issues quickly to comply with notification rules and demonstrate effective controls, oversight and containment of breaches;
  • Achieve demonstrable compliance with GDPR as well as meeting business needs.

Knowing where to start with the implementation of the 5 cyber security articles of GDPR is key to success. Would you like to find out how? Our Fast Track GDPR Guide will help you:

  • Develop a credible stance for your GDPR cyber security compliance and reporting to management
  • Establish a GDPR cyber security implementation plan
  • Support your team with practical examples of what implementation should look like

How Huntsman Security solutions help with your GDPR compliance

Enterprise SIEM

Huntsman Security’s Enterprise SIEM software provides flexibility, visibility and effective use of resources in security monitoring, information protection and breach response to deliver the following:

  • Accurate and continuous view of compliance
  • Reliable metrics for governance review
  • Instant identification of compliance issues, breaches, unauthorised accesses and data flows for remediation
  • Operates across cloud, on-premise or hybrid environments
  • Enables a rapid response to mitigate fines if a breach occurs

Essential 8 Scorecard

The Essential 8 Scorecard provides continuous measurement of key security controls to prevent, limit and recover from breaches by:

  • Interrogating security management systems to validate control configuration and operation
  • Monitoring activity and security settings
  • Automating report generation and despatch to key stakeholders
  • Allowing real-time visibility of cyber posture and control risks

Figures: Huntsman MITRE ATT&CK® Summary Dashboard; Essential 8 Scorecard – Trend Report.
