The 5 Cyber Security clauses within GDPR
The EU General Data Protection Regulation (GDPR) is a regulatory framework for data protection and privacy that came into effect on 25th May 2018. It includes 99 articles or clauses covering virtually every aspect of business and information management – everything from the consent to collect and process information, to the “right to be deleted”. Importantly for global businesses (including those outside the EU), the GDPR is supra-national: any business that processes the data of EU citizens will fall under its remit, not just European businesses.
For cyber security professionals, the drive for data protection and information management is not new, although the level of detail, the requirements on data breach notification and the fines in GDPR demand a lot more focus. There are five individual articles or clauses that have specific cyber security requirements:
How to comply with the 5 cyber security clauses of GDPR
For security monitoring and operations in GDPR-compliant businesses there is increased focus on both prevention and avoidance of security and privacy breaches. Further, it is imperative to be able to respond quickly when a problem does occur, understand it and take action. The 72 hours allowed to notify the government authority is accompanied by an expectation that affected data subjects will be communicated with promptly. As a minimum, businesses handling personal data will need to:
- Continuously monitor evidence and records around data transactions and breaches with comprehensive collection, processing and storage of activity logs;
- Detect and respond to issues quickly to comply with notification rules and reduce fines by demonstrating effective controls, oversight and containment of breaches;
- Achieve demonstrable compliance with GDPR as well as meeting business needs.
Knowing where to start with the implementation of the 5 cyber security clauses of GDPR is key to success. Would you like to find out how? Our Fast Track GDPR Guide will help you:
- Develop a credible stance for your GDPR cyber security compliance and reporting to management, by providing a GDPR cyber security implementation plan
- Support your team with practical examples of what implementation should look like
How Huntsman Security solutions help with your GDPR compliance
Enterprise SIEM
Huntsman Security’s Enterprise SIEM software provides flexibility, visibility and effective use of resources in security monitoring, information protection and breach response to deliver the following:
- Accurate and continuous view of compliance
- Reliable metrics for governance review
- Instant identification of compliance issues, breaches, unauthorised accesses and data flows for remediation
- Operation across cloud, on-premise or hybrid environments
- A rapid response to minimise fines if a breach occurs
Essential 8 Scorecard
The Essential 8 Scorecard provides continuous measurement of key security controls to prevent, limit and recover from breaches by:
- Interrogating security management systems to validate control configuration and operation
- Monitoring activity and security settings
- Automating report generation and despatch to key stakeholders
- Allowing real-time visibility of cyber posture and control risks