Six Key Components to Achieving GDPR Security Requirements
•
1 like•99 views
The document discusses six key components for organizations to achieve General Data Protection Regulation (GDPR) cyber security requirements: 1) data governance, 2) data classification, 3) data discovery, 4) data access, 5) data handling, and 6) data protection. It provides an overview of GDPR and its requirements, as well as how the consulting firm Optiv can help organizations develop a strategic roadmap to meet compliance.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Six Key Components to Achieving GDPR Security Requirements
Similar to Six Key Components to Achieving GDPR Security Requirements (20)
Recently uploaded
Recently uploaded (20)
Six Key Components to Achieving GDPR Security Requirements
- 1. Six Key Components to Achieving GDPR Cyber Security Requirements
- 2. The General Data Protection Regulation (GDPR) is hitting the world by storm. With a deadline of May 25, 2018, organizations are searching for an all-encompassing solution for GDPR readiness and compliance. Optiv is strategically positioned to assist organizations with the cyber security components of the GDPR regulation. Our goal is to help clients reduce noise around point solutions, understand the requirements as they relate to the organization, develop a strategic and tailored GDPR roadmap and execute across the six pillars of GDPR compliance. Optiv is here to help you not only weather the GPDR storm, but conquer it. 1Six Key Components to Achieving GDPR Cyber Security Requirements
- 3. In a perfect world – to avoid GDPR retribution – don’t get breached. Sounds easy, but unfortunately it’s not that simple. The key is to prove due diligence. With the May 2018 deadline approaching, how is your organization preparing for GDPR? GDPR is a sweeping privacy law with strict fines and penalties should a breach occur. WHAT IS GENERAL DATA PROTECTION REGULATION? 2Six Key Components to Achieving GDPR Cyber Security Requirements
- 4. The General Data Protection Regulation – At 10,000 Feet • Applies to all organizations processing personal data of EU citizens • Organizations in breach will be fined up to 4 percent of annual global turnover or $20 Million (Euro) (whichever is greater). • Defines lawfulness of processing to include consent by data subjects, “Privacy by Design”, the “Right to Be Forgotten” and data portability requirements • Outlines responsibilities of controllers and processors • Requires Privacy Impact Assessments • Breach notification requirements • Appointment of a Data Protection Officer • Deadline for compliance – May 25, 2018 3Six Key Components to Achieving GDPR Cyber Security Requirements
- 5. Can you interpret how GDPR effects your organization? Quick hit questions to consider: √ Do you know what data is relevant to GDPR? √ Do you know where that data is? √ Do you know who has access to this data? √ Do you have the right controls in place to protect that data? √ Can you show your work to prove GDPR due diligence? √ How can you prioritize GDPR against your other threats? GDPR is a complex challenge that affects multiple areas of your organization: 4Six Key Components to Achieving GDPR Cyber Security Requirements Cyber Security IT Legal
- 6. Achieve and maintain compliance across the Six Cyber Security Pillars of GDPR 5Six Key Components to Achieving GDPR Cyber Security Requirements Data Governance Data Classification Data Discovery Data Access Data Handling Data Protection
- 7. Data Governance 6Six Key Components to Achieving GDPR Cyber Security Requirements Understand your GDPR obligations as they relate to your business and activate your program to meet these obligations. Data Classification Analyze what data within your environment is relevant to GDPR and develop a proper classification scheme for ongoing data management. SIX PILLARS OF GDPR COMPLIANCE Data Discovery Discover where sensitive data lives within your environment and setup structures for ongoing management of such data.
- 8. 8Six Key Components to Achieving GDPR Cyber Security Requirements Data Access Determine who has access to the data and setup rules for ongoing access management. SIX PILLARS OF GDPR COMPLIANCE Data Handling Prepare for the chance of an incident and ensure that plans are in place to meet GDPR obligations regarding the handling of sensitive information. Data Protection Plan, build and run an appropriate security program to protect sensitive information.
- 9. START HERE: Begin with a plan. Understand your gaps. Build a roadmap for execution. Align your security and privacy programs to reach GDPR compliance.. At times, the road to GDPR compliance may seem to be an overwhelming journey with unsurmountable obstacles. Optiv can help organizations across the six pillars of GDPR compliance. Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us at www.twitter.com/optiv, www.facebook.com/optivinc and www.linkedin.com/company/optiv-inc. © 207 Optiv All Rights Reserved. Optiv” is a registered trademark of Optiv Security Inc. 1125 17th Street, Suite 1700 Denver, CO 80202 800.574.0896 | www.optiv.com Get in Touch 10.17 | F1