solving the top 5 gdpr challenges
play

Solving The Top 5 GDPR Challenges Accelerating your GDPR Program - PowerPoint PPT Presentation

Oct 19, 2022 •293 likes •651 views

Solving The Top 5 GDPR Challenges Accelerating your GDPR Program About Bill Bradley Leads Product Marketing for Data Loss Prevention Bill Bradley Director, Product Marketing ~20 years of marketing & sales experience Field

  1. Solving The Top 5 GDPR Challenges Accelerating your GDPR Program

  2. About Bill Bradley  Leads Product Marketing for Data Loss Prevention Bill Bradley Director, Product Marketing  ~20 years of marketing & sales experience • Field Sales, Competitive Analysis, Product Marketing & Management  Previously at Rapid7 and General Electric 2

  3. About Martin Sugden  CEO of Boldon James Martin Sugden  Oversees commercial strategy and product CEO development across Boldon James’ diverse range of software security products.  20+ years experience in the Security Industry and led the Management Buyout (MBO) of Boldon James and the subsequent sale to QinetiQ Plc in 2007. 3

  4. 4

  5. Technology People Process 5

  6. Technology People Process 6

  7. Agenda 4. Challenges, Solutions, 1. Introduction Benefits 5. About Digital Guardian & 2. GDPR in 30 Seconds Boldon James 3. Top 5 Challenges 6. Questions 7

  8. GDPR in 30 Seconds Data protection law Effective: May, 2018 harmonization Personal data protection Breach response protocol for, or about, EU citizens Global reach New penalties for breach 8

  9. GDPR in 30 Seconds Data protection law Effective: May, 2018 harmonization Personal data protection Breach response protocol for, or about, EU citizens Global reach New penalties for breach 9

  10. Top 5 Challenges 1. EU Citizen: The 3. Notification New Data Owner Requirement 4. Privacy by Design & 2. Confidentiality & Sensitive Data Protection Default 5. Data Protection Officer 10

  11. EU Citizen: The New Data Owner CHALLENGE 1 “…controller shall take appropriate measures to provide any information …and any communication…relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language… without undue delay ” 11

  12. EU Citizen: The New Data Owner CHALLENGE 1 Challenges Under New Management Opt-in vs opt-out Layers of Consent consent consent terminology Right to be Right to access Data portability forgotten 12

  13. EU Citizen: The New Data Owner CHALLENGE 1 Steps to Resolve Under New Management People Process Technology • Changing behaviors • Means to address • Find GDPR data around data inquires • Classify GDPR data collection, use • Limits on what is • Track GDPR data • Consent collected • Confirm where GDPR • Data lifecycle data isn’t management 13

  14. Confidentiality & Sensitive Data Protection CHALLENGE 2 “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘ integrity and confidentiality ’).” 14

  15. Confidentiality & Sensitive Data Protection CHALLENGE 2 Challenges Specificity Transparency Accuracy Confidentiality & Expiration Date Documented integrity 15

  16. Confidentiality & Sensitive Data Protection CHALLENGE 2 Steps to Resolve People Process Technology • Education & awareness • Rules around • Visibility processing, • Asking the right • Analytics disseminating questions • Controls • Minimizing data • DPO accountability • Encryption • DPO empowerment • Pseudonymization 16

  17. Notification Requirement CHALLENGE 3 “In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority…” 17

  18. Notification Requirement CHALLENGE 3 Challenges Scope Containment Quick turn unknown unknown Eradication of Solutions threat unknown unknown 18

  19. Notification Requirement CHALLENGE 3 Steps to Resolve People Process Technology • Technical • Incident response plan • Detection • Non-technical • Data minimization • Containment • Data lifecycle • Neutralization management • Forensics 19

  20. Privacy by Design & Default CHALLENGE 4 “ When developing, designing, selecting and using applications, services and products …take into account the right to data protection …with due regard to the state of the art, to make sure that controllers and processors are able to fulfil their data protection obligations. ” 20

  21. Privacy by Design & Default CHALLENGE 4 Challenges The final hurdle vs Limit to current Limit access the 1 st stop need Proof of secure design and default 21

  22. Privacy by Design & Default CHALLENGE 4 Steps to Resolve People Process Technology • Changing behavior • Incorporate into • Flag GDPR data upon existing creation • The right questions • Over communicate • Automated controls initially 22

  23. Data Protection Officer CHALLENGE 5 “The controller and the processor shall designate a data protection officer …” 23

  24. Data Protection Officer “75,000 Data Protection CHALLENGE 5 Officers Needed By 2018 To Handle EU Law.” Challenges - DARKReading Staffing Immediate Organizational shortage need change Position role Power shift for success 24

  25. Data Protection Officer CHALLENGE 5 “75,000 Data Protection Officers Needed By 2018 Steps to Resolve To Handle EU Law.” - DARKReading People Process Technology • Acting DPO today • Define the role • Visibility • Define the hierarchy • Analytics • Controls 25

  26. Digital Guardian for Your 5 Challenges Confidentiality & EU Citizen: The New Notification Sensitive Data Data Owner Requirement Protection • Find the data • Visibility into extended • Threat aware data enterprise protection • Understand the data • Highlight risks to the • Incident response • Protect the data most sensitive data program • Stop data loss before compliance violations 26

  27. Digital Guardian for Your 5 Challenges Privacy by Design Data Protection Officer • Immediate visibility • Support compliance and security • Data aware security • Document compliance posture • Automated responses • Track improvement 27

  28.  Founded 2002 to protect all data against theft  Began with protecting IP on the endpoint - the most challenging use case  Simplified compliance and cloud data protection with DG appliance  Launched industry’s first Managed Security Program for DLP  Only security company 100% focused on protecting sensitive data from loss or theft #1 IP Protection 28

  29.  Digital Guardian’s choice for comprehensive user classification capabilities  Boldon James: • Proven technology platform and integrations – over 35 best-of-breed technology partners, including Digital Guardian • Owned by QinetiQ Plc - $2bn defence & security technology business • Global presence , local support across US, South America, EMEA and APAC • A Data Classification Market leader – wide range of data classification products supporting Windows, Mac & Citrix 29

  30. Threat Aware Data Protection Deepest Visibility Real-Time Analytics Flexible Controls  Network  Filters out the noise  Automatically protects sensitive data  Endpoint  Accelerates Compliance & Security Initiative  Don’t impede business  Cloud  Documents Compliance  Enforceable on all OS’s  Databases/Shares Posture to Auditors and  Across network, storage,  Structured and Management Team cloud and e ndpoints Unstructured Data 30 Confidential

  31. Threat Aware Data Protection Deepest Visibility Real-Time Analytics Flexible Controls  Network  Filters out the noise  Automatically protects sensitive data  Endpoint  Accelerates Compliance & Security Initiative  Don’t impede business  Cloud  Documents Compliance  Enforceable on all OS’s  Databases/Shares Posture to Auditors and  Across network, storage,  Structured and Management Team cloud and e ndpoints Unstructured Data 31 Confidential

  32. Summary  GDPR Go Live Date May 2018  Blend of People, Process, and Technology to Succeed  Digital Guardian Visibility, Analytics, and Controls • Demonstrate GDPR Compliance • Support Data Security 32

  33. How Prepared Are You?  Contact Digital Guardian to see if you qualify for a complementary GDPR Data Risk Assessment .  Provides custom reporting and analysis for your organization so you better understand: • Where Personal Data Resides • How Personal Data Flows • Who Processes Personal Data • And more…  Click Here To Inquire About Our GDPR Data Risk Assessment 33

  34. Thank You Any questions?

  35. Digital Guardian’s Next Webinar “Understanding and Implementing Data Security in Office 365”  April 19 @ 2:00 PM ET • Patrick Hevesi – Research Director - Gartner • Bill Bradley – Director Product Marketing - Digital Guardian  Watch this webcast to learn: • Can I trust Microsoft and Office 365? • How can I secure my enterprise data in Office 365? • Is DLP in Office 365 good enough? • What 3rd party solutions can help secure Office 365? 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Bipolar Disorder 2. Pharmacologic Treatment Challenges with therapeutic vs side effects 3.

Bipolar Disorder 2. Pharmacologic Treatment Challenges with therapeutic vs side effects 3.

Overview Bipolar Disorder Solving Clinical Challenges 1. Diagnostic Nosology Solving Clinical Challenges in Challenges distinguishing bipolar from unipolar Bipolar Disorder 2. Pharmacologic Treatment Challenges with therapeutic vs

420 views • 8 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you have specific

495 views • 35 slides
GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB GDPR TIMELINE Definitions GDPR is a set of EU laws that come into affect on May 25th 2018. GDPR rules are designed to give more control over

587 views • 30 slides
GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get Compliant Agenda GDPR at a glance What does GDPR mean for IT departments Microsoft and GDPR M365 O365 Azure Dynamics

349 views • 18 slides
IDD WAIVER REDESIGN CASE STUDIES PROJECT Mara Baer, AgoHealth LLC Agenda Case Study Project

IDD WAIVER REDESIGN CASE STUDIES PROJECT Mara Baer, AgoHealth LLC Agenda Case Study Project

IDD WAIVER REDESIGN CASE STUDIES PROJECT Mara Baer, AgoHealth LLC Agenda Case Study Project Background Purpose/Process Needs Based Criteria Overview Case Studies Findings Trends Questions/Discussion Background of Project

393 views • 23 slides
Patent family - background Patent family - background Patent family - background 1883

Patent family - background Patent family - background Patent family - background 1883

The Derwent patent family The Derwent patent family and its application in and its application in Patent Statistical Analysis Patent Statistical Analysis WIPO-OECD Workshop on Statistics in the Patent Field, Geneva, Sept 18-19, 2003 Doina

114 views • 8 slides
Oregon Department of ENERGY Energy Facility Siting Division Presentation to EFSC Workgroup

Oregon Department of ENERGY Energy Facility Siting Division Presentation to EFSC Workgroup

Oregon Department of ENERGY Energy Facility Siting Division Presentation to EFSC Workgroup November 16, 2017 Todd R. Cornett, Assistant Director Oregons Energy Facility Siting Division Oversees the review of and the decision-making for

559 views • 39 slides
Beginners Presentation: Understanding the Basics Fall 2010 Applicant Trainings Washington, DC I

Beginners Presentation: Understanding the Basics Fall 2010 Applicant Trainings Washington, DC I

E rate Program Beginners Presentation: Understanding the Basics Fall 2010 Applicant Trainings Washington, DC I Newark I Minneapolis I Los Angeles I Kansas City I Jacksonville I Portland I Dallas/Fort Worth Beginners Presentation Overview

712 views • 28 slides
IMAGE-BASED PATIENT-SPECIFIC DOSIMETRY FOR RADIONUCLIDE THERAPY Michael Ljungberg, PhD,

IMAGE-BASED PATIENT-SPECIFIC DOSIMETRY FOR RADIONUCLIDE THERAPY Michael Ljungberg, PhD,

IMAGE-BASED PATIENT-SPECIFIC DOSIMETRY FOR RADIONUCLIDE THERAPY Michael Ljungberg, PhD, Katarina Sjgreen-Gleisner, PhD International Symposium on Standards, Applications and Quality Assurance in Medical Radiation Dosimetry 9-12 November

755 views • 33 slides
scop spect Read the sentences and choose the best spelling word for each. If you

scop spect Read the sentences and choose the best spelling word for each. If you

This week, we are looking at spellings that belong to two more word families. scop spect Read the sentences and choose the best spelling word for each. If you choose correctly, a letter will appear to spell out the root word.

459 views • 17 slides
Climate Services Climate Services Climate Services Climate Services Perspective Perspective e

Climate Services Climate Services Climate Services Climate Services Perspective Perspective e

JMA JMA/WMO Workshop on Quality Management in Surface, Climate and Upper air Observations in RA II (Asia) 27 30 July 2010, Tokyo, Japan Climate Services Climate Services Climate Services Climate Services Perspective Perspective e

936 views • 45 slides
scop spect Read the sentences and choose the best spelling word for each. You

scop spect Read the sentences and choose the best spelling word for each. You

This week, we are looking at spellings that belong to two more word families. scop spect Read the sentences and choose the best spelling word for each. You have 2 minutes to solve the root word puzzle. Read the sentences

402 views • 15 slides

More recommend