Zscaler, profile picture
Uploaded byZscaler
439 views

GDPR - are you ready?

The document discusses the challenges companies face in achieving GDPR compliance, highlighting that a significant number of FTSE 350 and Fortune 500 companies overestimate their readiness. It emphasizes the importance of data tracking, security controls, and the role of a dedicated GDPR team across various departments. Additionally, Zscaler offers solutions such as SSL interception and application visibility to aid organizations in their compliance efforts.

Internet
Related topics:
Cloud Security Insights

Embed presentation

©2018 Zscaler, Inc. All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION1 ZSCALER CONFIDENTIAL INFORMATION GDPR – Are you ready? Key steps to getting it GDPR right Chris Hodson | Sr. Director, Office of the CISO | Zscaler Shaun Ghafouri | Associate General Counsel | Zscaler
©2018 Zscaler, Inc. All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION2 To ask a question • Type your questions into the chat box in the Webex panel or email us at communications@zscaler.com • We’ll try to get to all questions during the Q&A session. If we do not get to your question, we’ll make sure to follow up afterwards • At the end of the webcast – please let us know how we did! ©2018 Zscaler, Inc. All rights reserved. Ask your question here…
The latest research A majority of FTSE 350 and Fortune 500 companies are overestimating their capabilities when it comes to GDPR compliance. 92 per cent of European businesses are unprepared for GDPR. According to research from law firm Paul Hastings. Survey of 400 European businesses by RSM and the European Business Awards.
GDPR is Here! What now? Or Are you Compliant? In state of Readiness? • Your company is in constant state of change. • Your processes are in a constant state of change. What happens to your GDPR Team going forward? Legal | Marketing | Infosec | IT
What priorities should drive your readiness? Analysis of Data Retention Tracking key GDPR Readiness Priorities Technical Security Data Deletion Communicating to the Business Data Flows
What personal information should you be concerned with? Shoe Size Eye color IP Address “Any information relating to the identified or identifiable natural person” Hair Color DNA RNA Name Address Phone Weight Online Identifier Income Cultural Profile GPS/Localization Email Browser Cookies Race Religion Image Fingerprint Height Biometrics
Which Security Controls Should be in Place? Logging Access Control Data Mapping Authentication EncryptionAnti-Malware
What about Shadow IT? Are you able to track unsanctioned user activity? We don’t know what we don’t know Data ownership issues Data flows Data Protection Impact Assessment
CISO Challenges • Best of Breed Security • Privacy by Design • 72 Hour Reporting • Encryption Challenges “Only 20% of GDPR is within my purview!”
How Zscaler can Help SSL Interception at Scale Application Visibility: All Ports, All Protocols Payload data is not written to disk Logging data retained with European Union Pseudonymisation and obfuscation where required
©2017 Zscaler, Inc. All rights reserved. ZSCALER CONFIDENTIAL INFORMATION. Thank You! Questions and Next Steps 11 Chris Hodson Sr. Director, Office of CISO at Zscaler chodson@zscaler.com www.zscaler.com/gdpr Overcoming the Challenges of Architecting for the Cloud Slow Office 365 Deployment? Let Zscaler help you get in the fast lane! zscaler.com/webcasts Shaun Ghafouri Associate General Counsel at Zscaler sghafouri@zscaler.com Learn more about Zscaler and GDPR zscaler.com/webcasts Other On-Demand Webcasts
©2017 Zscaler, Inc. All rights reserved. ZSCALER CONFIDENTIAL INFORMATION. June 25-27, 2018 The Cosmopolitan, Las Vegas Register at zenithlive.zscaler.com Join the conversation at community.zscaler.com

More Related Content

PDF
GDPR Webinar - feb
bySophos Benelux
 
PPTX
Open Source Insight: Banking and Open Source, 2018 CISO Report, GDPR Looming
byBlack Duck by Synopsys
 
PDF
Data theft in india (K K Mookhey)
byClubHack
 
PPTX
Cyber Security, IP Theft, and Data Breaches
byEthisphere
 
PDF
Comply or Die: Learn How to Avoid Failed Audits
byThycotic
 
PDF
Six Key Components to Achieving GDPR Security Requirements
byJeff Katanick
 
PPT
BREACHED! Implementing Incident Response for a Compromised Credential
byThycotic
 
PPTX
Learning from History
byBrian Honan
 
GDPR Webinar - feb
bySophos Benelux
 
Open Source Insight: Banking and Open Source, 2018 CISO Report, GDPR Looming
byBlack Duck by Synopsys
 
Data theft in india (K K Mookhey)
byClubHack
 
Cyber Security, IP Theft, and Data Breaches
byEthisphere
 
Comply or Die: Learn How to Avoid Failed Audits
byThycotic
 
Six Key Components to Achieving GDPR Security Requirements
byJeff Katanick
 
BREACHED! Implementing Incident Response for a Compromised Credential
byThycotic
 
Learning from History
byBrian Honan
 

What's hot

PPTX
GDPR, Data Privacy and Cybersecurity - MIT Symposium
byEric Vanderburg
 
PDF
GDPR survey results: Challenges, opportunities, readiness
bySASSoftware
 
PDF
The Trick to Passing Your Next Compliance Audit
bySBWebinars
 
PPTX
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
byEric Vanderburg
 
PDF
Privacy by design
byMichelangelo van Dam
 
PDF
Webinar Deck - Protect Your Users' Online Privacy
byEnsighten
 
PDF
UK Cyber Vulnerability Index 2013
byMartin Jordan
 
PPTX
Managing privacy by Victor Chapela
byJuan Carlos Carrillo
 
PDF
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
byCharmaine Servado
 
PDF
Hacker Defense: How to Make Your Law Firm a Harder Target
byLexisNexis
 
PDF
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
byCODE BLUE
 
PDF
Hedna pii is your goldmine a landmine
byEvelyne Oreskovich
 
PDF
Verizon's DBIR-A look into each industry
bySOCRadar Inc
 
PDF
GDPR: Threat or Opportunity?
bySamuel Pouyt
 
PPTX
Cloud Privacy Update: What You Need to Know
byAct-On Software
 
PDF
Cloud Privacy
byAct-On Software
 
PPTX
Retail Excellence Ireland - Cyber Threats 2015 Overview
byOCTF Industry Engagement
 
PDF
What's Next - General Data Protection Regulation (GDPR) Changes
byOgilvy Consulting
 
PPTX
Cybersecurity pres 05-19-final
byVivek Ahuja
 
PDF
Secure Cloud For Legal Professionals
byZitaAdlTrk
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
byEric Vanderburg
 
GDPR survey results: Challenges, opportunities, readiness
bySASSoftware
 
The Trick to Passing Your Next Compliance Audit
bySBWebinars
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
byEric Vanderburg
 
Privacy by design
byMichelangelo van Dam
 
Webinar Deck - Protect Your Users' Online Privacy
byEnsighten
 
UK Cyber Vulnerability Index 2013
byMartin Jordan
 
Managing privacy by Victor Chapela
byJuan Carlos Carrillo
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
byCharmaine Servado
 
Hacker Defense: How to Make Your Law Firm a Harder Target
byLexisNexis
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
byCODE BLUE
 
Hedna pii is your goldmine a landmine
byEvelyne Oreskovich
 
Verizon's DBIR-A look into each industry
bySOCRadar Inc
 
GDPR: Threat or Opportunity?
bySamuel Pouyt
 
Cloud Privacy Update: What You Need to Know
byAct-On Software
 
Cloud Privacy
byAct-On Software
 
Retail Excellence Ireland - Cyber Threats 2015 Overview
byOCTF Industry Engagement
 
What's Next - General Data Protection Regulation (GDPR) Changes
byOgilvy Consulting
 
Cybersecurity pres 05-19-final
byVivek Ahuja
 
Secure Cloud For Legal Professionals
byZitaAdlTrk
 

Similar to GDPR - are you ready?

PPTX
Keep Calm and Comply: 3 Keys to GDPR Success
bySirius
 
PDF
EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture
byMichele Collu
 
PPTX
GDPR Workshop
byCurt Lewis
 
PDF
GDPR for Non-European Region - Financial Services EL
byEugene Lee
 
PDF
Gearing up for GDPR with VWO and HubSpot
byVWO
 
PDF
Creating a GDPR Action Plan; Not a Freakout Plan
byMediacurrent
 
PPTX
GDPR How to get started?
byPeter Witsenburg
 
PPTX
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
byCIO Edge
 
PDF
12 steps to prepare for GDPR
byGary Chambers
 
PDF
GDPR ASAP: A Seven-Step Guide to Prepare for the General Data Protection Regu...
byObservePoint
 
PPTX
Ritz 4th-july-gdpr
byExponential_e
 
PDF
GDPR Checklist Infographic
byConnexica
 
PDF
GDPR 9 Step SIEM Implementation Checklist
byNetworkIQ
 
PPTX
Do You Have a Roadmap for EU GDPR Compliance?
byUlf Mattsson
 
PDF
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
byHackerOne
 
PPTX
CBC GDPR The Physics
byJason Chapman
 
PDF
General Data Protection Regulation, a developer's story
byMichelangelo van Dam
 
PDF
GDPR: A misunderstood piece of data privacy legislation and it's impact on ev...
byBear Analytics
 
PPTX
Do You Have a Roadmap for EU GDPR Compliance?
byUlf Mattsson
 
PPTX
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
byCloudera, Inc.
 
Keep Calm and Comply: 3 Keys to GDPR Success
bySirius
 
EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture
byMichele Collu
 
GDPR Workshop
byCurt Lewis
 
GDPR for Non-European Region - Financial Services EL
byEugene Lee
 
Gearing up for GDPR with VWO and HubSpot
byVWO
 
Creating a GDPR Action Plan; Not a Freakout Plan
byMediacurrent
 
GDPR How to get started?
byPeter Witsenburg
 
Digital Enterprise Festival Birmingham 13/04/17 - Ian West Cognizant VP Data ...
byCIO Edge
 
12 steps to prepare for GDPR
byGary Chambers
 
GDPR ASAP: A Seven-Step Guide to Prepare for the General Data Protection Regu...
byObservePoint
 
Ritz 4th-july-gdpr
byExponential_e
 
GDPR Checklist Infographic
byConnexica
 
GDPR 9 Step SIEM Implementation Checklist
byNetworkIQ
 
Do You Have a Roadmap for EU GDPR Compliance?
byUlf Mattsson
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
byHackerOne
 
CBC GDPR The Physics
byJason Chapman
 
General Data Protection Regulation, a developer's story
byMichelangelo van Dam
 
GDPR: A misunderstood piece of data privacy legislation and it's impact on ev...
byBear Analytics
 
Do You Have a Roadmap for EU GDPR Compliance?
byUlf Mattsson
 
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
byCloudera, Inc.
 

More from Zscaler

PPTX
Zscaler mondi webinar
byZscaler
 
PPTX
3 reasons-sdp-is-replacing-vpn-in-2019
byZscaler
 
PPTX
Top 5 predictions webinar
byZscaler
 
PPTX
Three ways-zero-trust-security-redefines-partner-access-ch
byZscaler
 
PPTX
Office 365 kelly services
byZscaler
 
PPTX
Ma story then_now_webcast_10_17_18
byZscaler
 
PPTX
Get an office 365 expereience your users will love v8.1
byZscaler
 
PPTX
Three ways-zero-trust-security-redefines-partner-access-v8
byZscaler
 
PPTX
Schneider electric powers security transformation with one simple app copy
byZscaler
 
PDF
Top 5 mistakes deploying o365
byZscaler
 
PDF
Three Key Steps for Moving Your Branches to the Cloud
byZscaler
 
PPTX
How sdp delivers_zero_trust
byZscaler
 
PDF
Zenith Live - Security Lab - Phantom
byZscaler
 
PPTX
Moving from appliances to cloud security with phoenix children's hospital
byZscaler
 
PPTX
O365 quick with fast user experience
byZscaler
 
PPTX
Faster, simpler, more secure remote access to apps in aws
byZscaler
 
PPTX
Migration to microsoft_azure_with_zscaler
byZscaler
 
PPTX
Office 365 deployment
byZscaler
 
PPTX
Dissecting ssl threats
byZscaler
 
PPTX
SD-WAN plus cloud security
byZscaler
 
Zscaler mondi webinar
byZscaler
 
3 reasons-sdp-is-replacing-vpn-in-2019
byZscaler
 
Top 5 predictions webinar
byZscaler
 
Three ways-zero-trust-security-redefines-partner-access-ch
byZscaler
 
Office 365 kelly services
byZscaler
 
Ma story then_now_webcast_10_17_18
byZscaler
 
Get an office 365 expereience your users will love v8.1
byZscaler
 
Three ways-zero-trust-security-redefines-partner-access-v8
byZscaler
 
Schneider electric powers security transformation with one simple app copy
byZscaler
 
Top 5 mistakes deploying o365
byZscaler
 
Three Key Steps for Moving Your Branches to the Cloud
byZscaler
 
How sdp delivers_zero_trust
byZscaler
 
Zenith Live - Security Lab - Phantom
byZscaler
 
Moving from appliances to cloud security with phoenix children's hospital
byZscaler
 
O365 quick with fast user experience
byZscaler
 
Faster, simpler, more secure remote access to apps in aws
byZscaler
 
Migration to microsoft_azure_with_zscaler
byZscaler
 
Office 365 deployment
byZscaler
 
Dissecting ssl threats
byZscaler
 
SD-WAN plus cloud security
byZscaler
 

Recently uploaded

PDF
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
PPTX
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
PDF
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
PDF
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
PDF
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
PPTX
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 

GDPR - are you ready?

  • 1.
    ©2018 Zscaler, Inc.All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION1 ZSCALER CONFIDENTIAL INFORMATION GDPR – Are you ready? Key steps to getting it GDPR right Chris Hodson | Sr. Director, Office of the CISO | Zscaler Shaun Ghafouri | Associate General Counsel | Zscaler
  • 2.
    ©2018 Zscaler, Inc.All rights reserved. | ZSCALER CONFIDENTIAL INFORMATION2 To ask a question • Type your questions into the chat box in the Webex panel or email us at communications@zscaler.com • We’ll try to get to all questions during the Q&A session. If we do not get to your question, we’ll make sure to follow up afterwards • At the end of the webcast – please let us know how we did! ©2018 Zscaler, Inc. All rights reserved. Ask your question here…
  • 3.
    The latest research Amajority of FTSE 350 and Fortune 500 companies are overestimating their capabilities when it comes to GDPR compliance. 92 per cent of European businesses are unprepared for GDPR. According to research from law firm Paul Hastings. Survey of 400 European businesses by RSM and the European Business Awards.
  • 4.
    GDPR is Here!What now? Or Are you Compliant? In state of Readiness? • Your company is in constant state of change. • Your processes are in a constant state of change. What happens to your GDPR Team going forward? Legal | Marketing | Infosec | IT
  • 5.
    What priorities should drive yourreadiness? Analysis of Data Retention Tracking key GDPR Readiness Priorities Technical Security Data Deletion Communicating to the Business Data Flows
  • 6.
    What personal informationshould you be concerned with? Shoe Size Eye color IP Address “Any information relating to the identified or identifiable natural person” Hair Color DNA RNA Name Address Phone Weight Online Identifier Income Cultural Profile GPS/Localization Email Browser Cookies Race Religion Image Fingerprint Height Biometrics
  • 7.
    Which Security ControlsShould be in Place? Logging Access Control Data Mapping Authentication EncryptionAnti-Malware
  • 8.
    What about ShadowIT? Are you able to track unsanctioned user activity? We don’t know what we don’t know Data ownership issues Data flows Data Protection Impact Assessment
  • 9.
    CISO Challenges • Bestof Breed Security • Privacy by Design • 72 Hour Reporting • Encryption Challenges “Only 20% of GDPR is within my purview!”
  • 10.
    How Zscaler canHelp SSL Interception at Scale Application Visibility: All Ports, All Protocols Payload data is not written to disk Logging data retained with European Union Pseudonymisation and obfuscation where required
  • 11.
    ©2017 Zscaler, Inc.All rights reserved. ZSCALER CONFIDENTIAL INFORMATION. Thank You! Questions and Next Steps 11 Chris Hodson Sr. Director, Office of CISO at Zscaler chodson@zscaler.com www.zscaler.com/gdpr Overcoming the Challenges of Architecting for the Cloud Slow Office 365 Deployment? Let Zscaler help you get in the fast lane! zscaler.com/webcasts Shaun Ghafouri Associate General Counsel at Zscaler sghafouri@zscaler.com Learn more about Zscaler and GDPR zscaler.com/webcasts Other On-Demand Webcasts
  • 12.
    ©2017 Zscaler, Inc.All rights reserved. ZSCALER CONFIDENTIAL INFORMATION. June 25-27, 2018 The Cosmopolitan, Las Vegas Register at zenithlive.zscaler.com Join the conversation at community.zscaler.com

Editor's Notes

  • #4 We need to frame the discussion around the areas we want to discuss. A Royal Mail Data Services survey has found that three out of 10 UK companies are falling short of the data quality required for the EU’s General Data Protection Regulation Almost one-third of UK organisations lack the data quality enforcement processes required for the EU’s General Data Protection Regulation (GDPR), according to research from Royal Mail Data Services. FTSE350 and F500 over stating readiness: https://ibsintelligence.com/ibs-journal/fortune-ftse-companies-declare-readiness-gdpr-half-actually-anything/ Market research business Forrester has identified that 80% of firms affected by the GDPR will not be compliant with the Regulation when it comes into force on 25 May 2018. https://www.lexology.com/library/detail.aspx?g=353b4336-657f-4db7-a13d-ba06e3881bdb 92 per cent of European businesses are unprepared for GDPR. Survey of 400 European businesses by RSM and the European Business Awards. https://www.institutionalassetmanager.co.uk/2017/12/08/259129/92-cent-european-businesses-are-unprepared-gdpr
  • #6 Communicating to the organisation, we could expand this section. 1. educating internally on the GDPR and 2 ensuring consistent and effective communication between departments. How do you ensure a joined up approach across departments? Data protection from external sources. Website etc. Chris – clearly, there are lots of things to do – what should an organisation focus on? We’ve put on screen a number of data centric points which I’ll come onto in a moment but, for me, the most important thing is to work in understanding the business architecture of your company.
  • #9 What about shadow IT and Apps held outside the organisation which the org doesn’t know about? How will this impact Privacy by design How will this impact DPIAs
  • #10 Chris, you wrote regularly regarding the challenges for CISO – I see you’ve noted down a few in relation to GDPR. Article 17 – Right to Erasure – how to make sure data is securely and appropriately removed from systems – tough when systems are relational databases Article 33 – 72 hour reporting window. Could you talk use through them? Seed questions: You spoke about multiple data centres – how does that help us with GDPR requirements? What about my mobile and roaming users? Can I go anywhere to find further information about Zscaler and GDPR?