
How information security departments can prepare to meet GDPR’s 72-hour breach reporting deadline

Regulations


The General Data Protection Regulation’s breach notification mandate is likely to impact an organization’s information security program. Under GDPR, once a breach is discovered, organizations have 72 hours to provide authorities with extensive details on the incident, including what type of data was stolen, who was impacted and what remediation measures are being taken. Here are the technical and procedural steps that companies should take to meet this deadline and avoid GDPR’s substantial fines.

GDPR's noble intentions could lead to attackers blackmailing enterprises


The specter of hefty GDPR fines may motivate attackers to ask breached companies to pay them to keep the incident quiet, allowing organizations to avoid the scrutiny and penalties that the regulation imposes on businesses that expose personal data.

GDPR Questions and Answers


From "Is a ransomware attack considered a data breach under GDPR?" to "How much can a company be fined for violating GDPR?", security professionals have several questions about how the regulation affects them. This blog answers some of them.

Protecting data under the General Data Protection Regulation


The major principles and concerns of the GDPR include the following: data protection officers (DPOs), data privacy by design, data breach reporting, international data transfers, compensation and liability, and investigative, corrective, and advisory powers.

GDPR: The state of the cyber-security regulation post Brexit


After talking to data protection officers, whose job is to meet the GDPR’s requirements around “robust breach detection and investigation,” the answer is yes.