GDPR Compliance and the 5 Cyber Security clauses
The EU General Data Protection Regulation (GDPR) is a new regulatory framework for data protection and privacy that came into effect on 25th May 2018.
GDPR includes 99 articles or clauses covering virtually every aspect of business and information management – everything from the consent to collect and process information, to the “right to be deleted”. Importantly for global businesses (including those outside the EU), the GDPR is supra-national; therefore, any business that processes the data of EU citizens will fall under its remit, not just European businesses.
For cyber security professionals, the drive for data protection and information management is not new, although the level of detail, the requirements on data breach notification and the fines in GDPR demand a lot more focus. There are five individual articles or clauses that have specific cyber security requirements:
How to comply with the 5 cyber security clauses of GDPR
For security monitoring and operations in GDPR-compliant businesses, there is increased focus on both prevention and avoidance of security and privacy breaches. Further, it is imperative to be able to respond quickly when a problem does occur, understand it and take action. The 72 hours allowed to notify the government authority is accompanied by an expectation that affected data subjects will be communicated with promptly. As a minimum, businesses handling personal data will need to:
- Continuously monitor evidence and records around data transactions and breaches with comprehensive collection, processing and storage of activity logs;
- Detect and respond to issues quickly to comply with notification rules and reduce fines by demonstrating effective controls, oversight and containment of breaches;
- Achieve demonstrable compliance with GDPR as well as meeting business needs.
Knowing where to start with the implementation of the 5 cyber security clauses of GDPR is key to success. Would you like to find out how? Our Fast Track GDPR Guide will help you:
- Develop a credible stance for your GDPR cyber security compliance and reporting to management
- By providing a GDPR cyber security implementation plan
- Support your team with practical examples of what implementation should look like
Huntsman Security GDPR Compliance Software
Huntsman Security software provides flexibility, visibility and effective use of resources in security monitoring, information protection and breach response to deliver the following:
- Accurate and continuous view of compliance
- Reliable metrics for governance review
- Removes unknowns around compliance status and reporting
- Instantly identifies compliance issues, breaches, unauthorised accesses and data flows for remediation
- Operates across cloud, on-premise or hybrid environments
- Saves time, cost and money in normal operation and allows quicker response to minimise fines if a breach occurs