Solving The Top 5 GDPR Challenges: Accelerating your GDPR Program - PowerPoint PPT Presentation


SLIDE 1

Solving The Top 5 GDPR Challenges

Accelerating your GDPR Program

SLIDE 2

About Bill Bradley

  • Leads Product Marketing for Data Loss Prevention
  • ~20 years of marketing & sales experience
  • Field Sales, Competitive Analysis, Product Marketing & Management
  • Previously at Rapid7 and General Electric

Bill Bradley
Director, Product Marketing

SLIDE 3

About Martin Sugden

  • CEO of Boldon James
  • Oversees commercial strategy and product development across Boldon James’ diverse range of software security products.
  • 20+ years of experience in the security industry; led the Management Buyout (MBO) of Boldon James and the subsequent sale to QinetiQ Plc in 2007.

Martin Sugden
CEO

SLIDE 5

Process, Technology, People

SLIDE 7

Agenda

  • 1. Introduction
  • 2. GDPR in 30 Seconds
  • 3. Top 5 Challenges
  • 4. Challenges, Solutions, Benefits
  • 5. About Digital Guardian & Boldon James
  • 6. Questions

SLIDE 8

GDPR in 30 Seconds

  • Effective: May, 2018
  • Personal data protection for, or about, EU citizens
  • Global reach
  • Data protection law harmonization
  • Breach response protocol
  • New penalties for breach

SLIDE 10

Top 5 Challenges

  • 1. EU Citizen: The New Data Owner
  • 2. Confidentiality & Sensitive Data Protection
  • 3. Notification Requirement
  • 4. Privacy by Design & Default
  • 5. Data Protection Officer

SLIDE 11

CHALLENGE 1

EU Citizen: The New Data Owner

“…controller shall take appropriate measures to provide any information…and any communication…relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language…without undue delay”

SLIDE 12

CHALLENGE 1

EU Citizen: The New Data Owner

Under New Management

Challenges

  • Opt-in vs opt-out consent
  • Layers of consent
  • Consent terminology
  • Right to access
  • Data portability
  • Right to be forgotten

SLIDE 13

CHALLENGE 1

EU Citizen: The New Data Owner

Under New Management

Steps to Resolve

People

  • Changing behaviors around data collection, use
  • Consent

Process

  • Means to address inquiries
  • Limits on what is collected
  • Data lifecycle management

Technology

  • Find GDPR data
  • Classify GDPR data
  • Track GDPR data
  • Confirm where GDPR data isn’t

SLIDE 14

CHALLENGE 2

Confidentiality & Sensitive Data Protection

“processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”

SLIDE 15

CHALLENGE 2

Confidentiality & Sensitive Data Protection

Challenges

  • Specificity
  • Transparency
  • Accuracy
  • Expiration Date
  • Confidentiality & integrity
  • Documented

SLIDE 16

CHALLENGE 2

Confidentiality & Sensitive Data Protection

Steps to Resolve

People

  • Education & awareness
  • Asking the right questions
  • DPO accountability

Process

  • Rules around processing, disseminating
  • Minimizing data
  • DPO empowerment

Technology

  • Visibility
  • Analytics
  • Controls
  • Encryption
  • Pseudonymization

SLIDE 17

CHALLENGE 3

Notification Requirement

“In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority…”

SLIDE 18

CHALLENGE 3

Notification Requirement

Challenges

  • Quick turn
  • Scope unknown
  • Containment unknown
  • Eradication of threat unknown
  • Solutions unknown

SLIDE 19

CHALLENGE 3

Notification Requirement

Steps to Resolve

People

  • Technical
  • Non-technical

Process

  • Incident response plan
  • Data minimization
  • Data lifecycle management

Technology

  • Detection
  • Containment
  • Neutralization
  • Forensics

SLIDE 20

CHALLENGE 4

Privacy by Design & Default

“When developing, designing, selecting and using applications, services and products…take into account the right to data protection…with due regard to the state of the art, to make sure that controllers and processors are able to fulfil their data protection obligations.”

SLIDE 21

CHALLENGE 4

Privacy by Design & Default

Challenges

  • The final hurdle vs the 1st stop
  • Limit to current need
  • Limit access
  • Proof of secure design and default

SLIDE 22

CHALLENGE 4

Privacy by Design & Default

Steps to Resolve

People

  • Changing behavior
  • The right questions

Process

  • Incorporate into existing
  • Over communicate initially

Technology

  • Flag GDPR data upon creation
  • Automated controls

SLIDE 23

CHALLENGE 5

Data Protection Officer

“The controller and the processor shall designate a data protection officer…”

SLIDE 24

CHALLENGE 5

Data Protection Officer

Challenges

  • Staffing shortage
  • Immediate need
  • Organizational change
  • Power shift
  • Position role for success

“75,000 Data Protection Officers Needed By 2018 To Handle EU Law.” - DARKReading

SLIDE 25

CHALLENGE 5

Data Protection Officer

Steps to Resolve

People

  • Acting DPO today

Process

  • Define the role
  • Define the hierarchy

Technology

  • Visibility
  • Analytics
  • Controls

“75,000 Data Protection Officers Needed By 2018 To Handle EU Law.” - DARKReading

SLIDE 26

Digital Guardian for Your 5 Challenges

EU Citizen: The New Data Owner

  • Find the data
  • Understand the data
  • Protect the data

Confidentiality & Sensitive Data Protection

  • Visibility into extended enterprise
  • Highlight risks to the most sensitive data
  • Stop data loss before compliance violations

Notification Requirement

  • Threat aware data protection
  • Incident response program

SLIDE 27

Digital Guardian for Your 5 Challenges

Privacy by Design

  • Immediate visibility
  • Data aware security
  • Automated responses

Data Protection Officer

  • Support compliance and security
  • Document compliance posture
  • Track improvement

SLIDE 28

  • Founded 2002 to protect all data against theft
  • Began with protecting IP on the endpoint - the most challenging use case
  • Simplified compliance and cloud data protection with DG appliance
  • Launched industry’s first Managed Security Program for DLP
  • Only security company 100% focused on protecting sensitive data from loss or theft

#1 IP Protection

SLIDE 29

  • Digital Guardian’s choice for comprehensive user classification capabilities
  • Boldon James:
      • Proven technology platform and integrations – over 35 best-of-breed technology partners, including Digital Guardian
      • Owned by QinetiQ Plc - $2bn defence & security technology business
      • Global presence, local support across US, South America, EMEA and APAC
      • A Data Classification Market leader – wide range of data classification products supporting Windows, Mac & Citrix

SLIDE 30

Threat Aware Data Protection

Deepest Visibility, Real-Time Analytics, Flexible Controls

  • Automatically protects sensitive data
  • Don’t impede business
  • Enforceable on all OS’s
  • Across network, storage, cloud and endpoints

  • Network
  • Endpoint
  • Cloud
  • Databases/Shares
  • Structured and Unstructured Data

  • Filters out the noise
  • Accelerates Compliance & Security Initiative
  • Documents Compliance Posture to Auditors and Management Team

SLIDE 32

Summary

  • GDPR Go Live Date May 2018
  • Blend of People, Process, and Technology to Succeed
  • Digital Guardian Visibility, Analytics, and Controls
  • Demonstrate GDPR Compliance
  • Support Data Security

SLIDE 33

How Prepared Are You?

  • Contact Digital Guardian to see if you qualify for a complimentary GDPR Data Risk Assessment.
  • Provides custom reporting and analysis for your organization so you better understand:
      • Where Personal Data Resides
      • How Personal Data Flows
      • Who Processes Personal Data
      • And more…
  • Click Here To Inquire About Our GDPR Data Risk Assessment

SLIDE 34

Thank You

Any questions?

SLIDE 35

Digital Guardian’s Next Webinar

“Understanding and Implementing Data Security in Office 365”

  • April 19 @ 2:00 PM ET
  • Patrick Hevesi – Research Director - Gartner
  • Bill Bradley – Director Product Marketing - Digital Guardian
  • Watch this webcast to learn:
      • Can I trust Microsoft and Office 365?
      • How can I secure my enterprise data in Office 365?
      • Is DLP in Office 365 good enough?
      • What 3rd party solutions can help secure Office 365?