Be Prepared for the GDPR Legislation
Vincent Vanbiervliet
Product Management, Data Protection
21 February 2018
Agenda
• What is the GDPR
• How companies lose data
• A risk-based approach to the GDPR
• Recommendations
• Resources
• Q&A
We are an IT security company, and not a legal firm. This means that the content of this presentation represents our
views, and it does NOT constitute legal advice. If you wish to ensure your company is legally covered, consider
consulting specialized legal counsel.
GDPR in less than two minutes…
Who?
All organizations that hold personally identifiable data on EU individuals. Even organizations based outside of the EU must comply.
What?
The EU General Data Protection Regulation (GDPR) is a new law that strengthens privacy for EU individuals.
When?
Enforcement begins on 25 May 2018. Many countries implementing sooner.
GDPR in less than two minutes…
Tough penalties
€€€ Up to €20,000,000 or 4% of annual
global revenue
…in addition to all other costs associated with a data breach…
The GDPR gives authorities greater powers to
take actions against businesses that breach the
new laws.
Three months and counting…
What’s your approach?
Varied levels of readiness:
- By geography
- By company size
- By vertical industry
- By business type
- Etc.
Are you prepared?
Many approaches:
- PANIC!
- “Wait-and-see”
- “It doesn’t apply to me”
- Risk-based approach
- Etc.
…and we see lots of different tactics!
GDPR is not only about Data Security
- Internal procedures
- Consent
- Backup/recovery
- “One-stop-shop” reporting
- Right to be forgotten
- Purpose of data collection
GDPR also provides benefits to individuals and companies
COMPETITIVE ADVANTAGES
The key rules of the GDPR
- STORAGE LIMITATION
- ACCURACY
- PURPOSE LIMITATION
- INTEGRITY, CONFIDENTIALITY
- LAWFULNESS, FAIRNESS, TRANSPARENCY
- DATA MINIMISATION
How Companies Lose Data 2017
[Pie chart. Categories: Hacking or Malware, Unintended Disclosure, Portable Devices, Physical loss, Other. Percentages shown: 58%, 27%, 2%, 12%, 1%.]
2017 Data Breaches – Privacy Rights Clearinghouse
Includes mega-breaches,
totalling 1.7B records:
1,370M – River City Media (Disc)
145M – Equifax (Hack)
198M – Deep Root Analytics (Disc)
How far do you go to manage the risk to your data/IT assets?
[Diagram: IT SECURITY SCALE from BASIC to LOWEST RISK; axis labels: Risk mitigation, Effort, LOWER, HIGHER]
Top causes for data loss*:
- Hacking, malware, or malicious code (57%)
- Portable devices and physical loss (17%)
- Unintended disclosure (22%)
- Other (4%)
Common ways to lose data:
- Advanced malware
- Ransomware and exploits
- Unauthorized access and credential theft
- Lost or stolen laptops and storage devices
- Lost or stolen mobile devices, tablets, and IoT devices
- Human error, loss via email, or loss via cloud storage
- Malicious insider
* Percentages based on number of incidents according to data from Privacy Rights Clearinghouse
Apathy =
Must-have Controls, Policies, and Actions
STATE OF THE ART
Define and document what you consider to be “State of the Art”, and be prepared to defend it.
REDUCE WAYS TO LOSE DATA
1. Stop the top causes of data loss
2. Stop threats at the door
3. Reduce human error
DATA GOVERNANCE
What personal data do I have? Where is it? Why do I have it? Do I need it? Etc.
How to Prepare for the GDPR
1. Take ownership of your GDPR Readiness
2. Evaluate your risk exposure
3. Determine your investment level
4. Get executive buy-in
5. Invest in “state of the art” best practices
How far do you go to manage the risk to your data/IT assets?
[Diagram: IT SECURITY SCALE from BASIC to LOWEST RISK; axis labels: Risk mitigation, Effort, LOWER, HIGHER]
Top causes for data loss*:
- Hacking, malware, or malicious code (57%)
- Portable devices and physical loss (17%)
- Unintended disclosure (22%)
- Other (4%)
Common ways to lose data:
- Advanced malware
- Ransomware and exploits
- Unauthorized access and credential theft
- Lost or stolen laptops and storage devices
- Lost or stolen mobile devices, tablets, and IoT devices
- Human error, loss via email, or loss via cloud storage
- Malicious insider
Which Sophos tools could help:
- Endpoint Protection
- Intercept X
- Server Security
- Device Encryption
- Sophos Mobile
- SafeGuard Encryption
On premises / Sophos Central
* Percentages based on number of incidents according to data from Privacy Rights Clearinghouse
Summary and Suggestions
• The GDPR is coming 25 May 2018
• The GDPR is good practice, not just a lead weight
• The GDPR preparations are useful for most compliance laws
• The GDPR can provide unexpected competitive advantages
1. Learn more, become aware and accountable
2. Develop a plan, show positive action, and document it
3. Reduce the ways you can lose data
Useful Links
• Sophos GDPR landing page:
https://www.sophos.com/eu
• European Data Protection Supervisor:
https://edps.europa.eu/
• European Commission, new overview of GDPR reform:
https://europa.eu/dataprotection
• European Commission, Article 29 Working Party (“WP29”):
http://ec.europa.eu/justice/data-protection/article-29/index_en.htm
Full GDPR text on the go!
Search for
“EU Data Protection”
(by EDPS)
Questions?
GDPR Webinar - feb

More Related Content

What's hot

Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Cyril Soeri
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationIBM Security
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityIT Governance Ltd
 
GDPR – The Practicalities of a New Reality
GDPR – The Practicalities of a New Reality GDPR – The Practicalities of a New Reality
GDPR – The Practicalities of a New Reality Susan Moran
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
GDPR what you should know and how to minimize impact on your business
GDPR what you should know and how to minimize impact on your businessGDPR what you should know and how to minimize impact on your business
GDPR what you should know and how to minimize impact on your businessOlivier BARROT
 
GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?Frederick Penaud
 
Data Risks In A Digital Age
Data Risks In A Digital Age Data Risks In A Digital Age
Data Risks In A Digital Age padler01
 
The Trick to Passing Your Next Compliance Audit
The Trick to Passing Your Next Compliance AuditThe Trick to Passing Your Next Compliance Audit
The Trick to Passing Your Next Compliance AuditSBWebinars
 
How does GDPR affect your business?
How does GDPR affect your business?How does GDPR affect your business?
How does GDPR affect your business?Christiana Kozakou
 
12 steps to gdpr compliance unleashed
12 steps to gdpr compliance   unleashed12 steps to gdpr compliance   unleashed
12 steps to gdpr compliance unleashedChris Gilmour
 
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...PECB
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data GovernanceDATUM LLC
 
Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? N-iX
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Karina Matos
 

What's hot (20)

Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
 
How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber security
 
GDPR – The Practicalities of a New Reality
GDPR – The Practicalities of a New Reality GDPR – The Practicalities of a New Reality
GDPR – The Practicalities of a New Reality
 
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredCountdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be Secured
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
GDPR what you should know and how to minimize impact on your business
GDPR what you should know and how to minimize impact on your businessGDPR what you should know and how to minimize impact on your business
GDPR what you should know and how to minimize impact on your business
 
GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?GDPR security services - Areyou ready ?
GDPR security services - Areyou ready ?
 
Data Risks In A Digital Age
Data Risks In A Digital Age Data Risks In A Digital Age
Data Risks In A Digital Age
 
The Trick to Passing Your Next Compliance Audit
The Trick to Passing Your Next Compliance AuditThe Trick to Passing Your Next Compliance Audit
The Trick to Passing Your Next Compliance Audit
 
How does GDPR affect your business?
How does GDPR affect your business?How does GDPR affect your business?
How does GDPR affect your business?
 
12 steps to gdpr compliance unleashed
12 steps to gdpr compliance   unleashed12 steps to gdpr compliance   unleashed
12 steps to gdpr compliance unleashed
 
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
TrustArc Webinar: How to Prepare Your Business for Privacy Changes in the Mid...
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debate
 
20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
Data Privacy, Information Security, and Cybersecurity: What Your Business Nee...
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance
 
Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing? Is Ukraine safe for software development outsourcing?
Is Ukraine safe for software development outsourcing?
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 

Similar to GDPR Webinar - feb

GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.James Seville
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRMatt Stubbs
 
Boards' Eye View of Digital Risk & GDPR v2
Boards' Eye View of Digital Risk & GDPR v2Boards' Eye View of Digital Risk & GDPR v2
Boards' Eye View of Digital Risk & GDPR v2Graham Mann
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
Boards' Eye View of Digital Risk & GDPR
Boards' Eye View of Digital Risk & GDPRBoards' Eye View of Digital Risk & GDPR
Boards' Eye View of Digital Risk & GDPRGraham Mann
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR ComplianceGabor Farkas
 
Le soluzioni tecnologiche a supporto della normativa GDPR
Le soluzioni tecnologiche a supporto della normativa GDPRLe soluzioni tecnologiche a supporto della normativa GDPR
Le soluzioni tecnologiche a supporto della normativa GDPRJürgen Ambrosi
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
DATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaDATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaNSConclave
 
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...Emma Mirrington
 
Five strategies for gdpr compliance
Five strategies for gdpr complianceFive strategies for gdpr compliance
Five strategies for gdpr compliancePeter Goldbrunner
 
Information security management v2010
Information security management v2010Information security management v2010
Information security management v2010joevest
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare IndustryEMMAIntl
 
Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...XeniT Solutions nv
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessSirius
 

Similar to GDPR Webinar - feb (20)

GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPR
 
Boards' Eye View of Digital Risk & GDPR v2
Boards' Eye View of Digital Risk & GDPR v2Boards' Eye View of Digital Risk & GDPR v2
Boards' Eye View of Digital Risk & GDPR v2
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
Boards' Eye View of Digital Risk & GDPR
Boards' Eye View of Digital Risk & GDPRBoards' Eye View of Digital Risk & GDPR
Boards' Eye View of Digital Risk & GDPR
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance
 
GDPR (En) JM Tyszka
GDPR (En)  JM TyszkaGDPR (En)  JM Tyszka
GDPR (En) JM Tyszka
 
Le soluzioni tecnologiche a supporto della normativa GDPR
Le soluzioni tecnologiche a supporto della normativa GDPRLe soluzioni tecnologiche a supporto della normativa GDPR
Le soluzioni tecnologiche a supporto della normativa GDPR
 
GDPR How to get started?
GDPR  How to get started?GDPR  How to get started?
GDPR How to get started?
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 
DATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali RangoliyaDATA BREACH & PREVENTION - Hemali Rangoliya
DATA BREACH & PREVENTION - Hemali Rangoliya
 
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
 
Five strategies for gdpr compliance
Five strategies for gdpr complianceFive strategies for gdpr compliance
Five strategies for gdpr compliance
 
Information security management v2010
Information security management v2010Information security management v2010
Information security management v2010
 
GDPR for dummies
GDPR for dummies  GDPR for dummies
GDPR for dummies
 
GDPR in the Healthcare Industry
GDPR in the Healthcare IndustryGDPR in the Healthcare Industry
GDPR in the Healthcare Industry
 
Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR Success
 

More from Sophos Benelux

Cybercrime - Why we're not doomed after all
Cybercrime - Why we're not doomed after allCybercrime - Why we're not doomed after all
Cybercrime - Why we're not doomed after allSophos Benelux
 
Defending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen SecurityDefending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen SecuritySophos Benelux
 
Sophos Synchronized security
Sophos Synchronized securitySophos Synchronized security
Sophos Synchronized securitySophos Benelux
 
Bescherm jezelf tegen ransomware
Bescherm jezelf tegen ransomwareBescherm jezelf tegen ransomware
Bescherm jezelf tegen ransomwareSophos Benelux
 
Raging Ransomware Roadshow May
Raging Ransomware Roadshow MayRaging Ransomware Roadshow May
Raging Ransomware Roadshow MaySophos Benelux
 

More from Sophos Benelux (8)

Cybercrime - Why we're not doomed after all
Cybercrime - Why we're not doomed after allCybercrime - Why we're not doomed after all
Cybercrime - Why we're not doomed after all
 
IT Security Landscape
IT Security LandscapeIT Security Landscape
IT Security Landscape
 
Defending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen SecurityDefending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen Security
 
This is Next-Gen
This is Next-GenThis is Next-Gen
This is Next-Gen
 
Petya Outbreak
Petya OutbreakPetya Outbreak
Petya Outbreak
 
Sophos Synchronized security
Sophos Synchronized securitySophos Synchronized security
Sophos Synchronized security
 
Bescherm jezelf tegen ransomware
Bescherm jezelf tegen ransomwareBescherm jezelf tegen ransomware
Bescherm jezelf tegen ransomware
 
Raging Ransomware Roadshow May
Raging Ransomware Roadshow MayRaging Ransomware Roadshow May
Raging Ransomware Roadshow May
 

Recently uploaded

Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 

Recently uploaded (20)

Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
What are the key points to focus on before starting to learn ETL Development....
GDPR Webinar - feb

  • 1. Be Prepared for the GDPR Legislation. Vincent Vanbiervliet, Product Management, Data Protection. 21 February 2018.
  • 2. Agenda: What is the GDPR; How companies lose data; A risk-based approach to the GDPR; Recommendations; Resources; Q&A. We are an IT security company, and not a legal firm. This means that the content of this presentation represents our views, and it does NOT constitute legal advice. If you wish to ensure your company is legally covered, consider consulting specialized legal counsel.
  • 3. GDPR in less than two minutes… Who? All organizations that hold personally identifiable data on EU individuals. Even organizations based outside of the EU must comply. What? The EU General Data Protection Regulation (GDPR) is a new law that strengthens privacy for EU individuals. When? Enforcement begins on 25 May 2018. Many countries implementing sooner.
  • 4. GDPR in less than two minutes… Tough penalties: up to €20,000,000 or 4% of annual global revenue …in addition to all other costs associated with a data breach… The GDPR gives authorities greater powers to take actions against businesses that breach the new laws.
  • 5. Three months and counting… What’s your approach? Varied levels of readiness: by geography; by company size; by vertical industry; by business type; etc. Are you prepared? Many approaches: PANIC!; “Wait-and-see”; “It doesn’t apply to me”; risk-based approach; etc. …and we see lots of different tactics!
  • 6. GDPR is not only about Data Security: Internal procedures; Consent; Backup/recovery; “One-stop-shop” reporting; Right to be forgotten; Purpose of data collection. GDPR also provides benefits to individuals and companies: COMPETITIVE ADVANTAGES.
  • 7. The key rules of the GDPR: STORAGE LIMITATION; ACCURACY; PURPOSE LIMITATION; INTEGRITY, CONFIDENTIALITY; LAWFULNESS, FAIRNESS, TRANSPARENCY; DATA MINIMISATION.
  • 8. How Companies Lose Data 2017. [Pie chart. Segment values as extracted: 58%, 27%, 2%, 12%, 1%. Legend: Hacking or Malware; Unintended Disclosure; Portable Devices; Physical loss; Other.] Source: 2017 Data Breaches – Privacy Rights Clearinghouse. Includes mega-breaches, totalling 1.7B records: 1,370M – River City Media (Disc); 145M – Equifax (Hack); 198M – Deep Root Analytics (Disc).
  • 9. How far do you go to manage the risk to your data/IT assets? [Figure. Labels: Risk mitigation; IT SECURITY SCALE; BASIC; LOWEST RISK; LOWER; HIGHER; Effort.] Top causes for data loss*: Hacking, malware, or malicious code (57%); Portable devices and physical loss (17%); Unintended disclosure (22%); Other (4%). Common ways to lose data: Advanced malware; Ransomware and exploits; Unauthorized access and credential theft; Lost or stolen laptops and storage devices; Lost or stolen mobile devices, tablets, and IoT devices; Human error, loss via email, or loss via cloud storage; Malicious insider. * Percentages based on number of incidents according to data from Privacy Rights Clearinghouse. Apathy =
  • 10. Must-have Controls, Policies, and Actions. STATE OF THE ART: Define and document what you consider to be “State of the Art”, and be prepared to defend it. REDUCE WAYS TO LOSE DATA: 1. Stop the top causes of data loss; 2. Stop threats at the door; 3. Reduce human error. DATA GOVERNANCE: What personal data do I have? Where is it? Why do I have it? Do I need it? Etc.
  • 11. How to Prepare for the GDPR: 1. Take ownership of your GDPR Readiness; 2. Evaluate your risk exposure; 3. Determine your investment level; 4. Get executive buy-in; 5. Invest in “state of the art” best practices.
  • 12. How far do you go to manage the risk to your data/IT assets? [Figure. Labels: Risk mitigation; IT SECURITY SCALE; BASIC; LOWEST RISK; LOWER; HIGHER; Effort.] Top causes for data loss*: Hacking, malware, or malicious code (57%); Portable devices and physical loss (17%); Unintended disclosure (22%); Other (4%). Common ways to lose data: Advanced malware; Ransomware and exploits; Unauthorized access and credential theft; Lost or stolen laptops and storage devices; Lost or stolen mobile devices, tablets, and IoT devices; Human error, loss via email, or loss via cloud storage; Malicious insider. Which Sophos tools could help: Endpoint Protection; Intercept X; Server Security; Device Encryption; Sophos Mobile; SafeGuard Encryption. Deployment labels: On premises; Sophos Central. * Percentages based on number of incidents according to data from Privacy Rights Clearinghouse.
  • 13. Summary and Suggestions. Summary: The GDPR is coming 25 May 2018; The GDPR is good practice, not just a lead weight; The GDPR preparations are useful for most compliance laws; The GDPR can provide unexpected competitive advantages. Suggestions: 1. Learn more, become aware and accountable; 2. Develop a plan, show positive action, and document it; 3. Reduce the ways you can lose data.
  • 14. Useful Links. Sophos GDPR landing page: https://www.sophos.com/eu ; European Data Protection Supervisor: https://edps.europa.eu/ ; European Commission, new overview of GDPR reform: https://europa.eu/dataprotection ; European Commission, Article 29 Working Party (“WP29”): http://ec.europa.eu/justice/data-protection/article-29/index_en.htm
  • 15. Full GDPR text on the go! Search for “EU Data Protection” (by EDPS).