On the Radar: IBM Resilient applies incident response orchestration to GDPR data breaches
|
|
- Rosemary Reynolds
- 5 years ago
- Views:
Transcription
1 On the Radar: IBM Resilient applies incident response orchestration to GDPR data breaches An incident response orchestration platform tailored to GDPR breach management needs Publication Date: 24 Oct 2018 Product code: INT Alan Rodger
2 Summary Catalyst The EU General Data Protection Regulation (GDPR) legislation requires any organization that processes personal data of data subjects in the EU to notify appropriate authorities of personal data breaches within 72 hours. An additional obligation requires notification of affected data subjects without undue delay. Failing to meet these requirements exposes the non-compliant organization to fines of 20m euros or 4% of annual revenues, whichever is greater. Meeting these requirements brings new challenges to corporate security incident response teams and requires collaboration with and across other corporate functions such as legal, privacy, and governance, risk, and compliance (GRC) teams. Key messages IBM Resilient ships with the breach notification regulations for the 28 EU member states. Built in guidance and templates makes it easier for users to progress the breach management and reporting process through incident submission, analysis, and notification. IBM has created a privacy-focused risk assessment to help customers determine who to notify in case of a breach. Ovum view The IBM Resilient Incident Response Platform was already a mature and well-adopted solution prior to its application to the requirements arising from GDPR. Organizations challenged by the compliance obligations will find the GDPR-related instructions, workflows, and templates provide a step-by-step approach to enable efficiency and compliance in meeting the 72-hour breach notification deadline. Recommendations for enterprises Why put IBM Resilient on your radar? IBM Resilient spans both security and privacy breach use cases. The Resilient Privacy Module is designed to help improve corporate incident response and breach notification processes and has been updated to reflect the needs arising from GDPR (plus details of regulatory authorities within all 28 EU member states), with significant input from customers. IBM says the solution is integrated with one of the world s largest breach-notification databases, and offers detailed workflows for complying with specific regulations in the event of a breach. Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 2
3 Highlights Background Resilient Systems was founded in 2010 to address the increase in cybersecurity risks and threats. It was acquired by IBM in 2016 and is now part of IBM Security, organizationally. IBM says the solution now has more than 300 customers globally, across 39 countries and verticals including financial, healthcare, retail, services, technology, manufacturing, federal, education, and critical infrastructure. About a quarter of customers are Fortune 1000 companies, 60 of which are in the Fortune 500, and over half of customers are midsize organizations (with annual revenues in excess of $100m). From acquisition in 2016 to early 2018, customer numbers grew by 134%. Current position The IBM Resilient Privacy Module, part of the overall incident response platform, enables organizations to keep abreast of and comply with various breach notification regulations, including GDPR, and to build and manage workflow-based processes for use where a breach occurs. In 2018, the solution was updated with details of the breach notification regulations for the 28 EU member states, with guidance on choosing the relevant Supervisory Authority in line with the GDPR Article 29 Working Party. New features added to help with GDPR compliance include: Risk assessment for GDPR breaches that contains guidance and examples to help with assessment completion. The "Notify Supervisory Authority" workflow task, which provides instructions about who to notify, what must be included in the notification, and how to notify. Resilient also provides the relevant notification template, and the option to provide follow-on notification if notifying in phases. The Notify Affected Individuals workflow task, which provides instructions on what must be included in the notification, guidance on acceptable formats, and a notification template. The Document Breach workflow task, which prompts and guides users about how best to document incidents. The IBM Resilient Privacy Module can now therefore guide organizations through the required response steps for dealing with GDPR-related data-loss incidents, especially in meeting the regulatory 72-hour deadline. Incidents can be manually submitted or automatically generated via integrations with help desk/ticketing, security information and event management (SIEM), and data lost prevention (DLP) systems. Resilient has specialist integrations with more than 100 security tools. The solution is compliant with the Business Process Model and Notation (BPMN) standard, and ships with out-of-the-box runbooks based on industry good practices. Its Workflow Editor enables customers to define more complex processes for incident handling and management, with unlimited notifications/alerts, approvals, and escalations. Configurable timers can be included to enable adherence to GDPR s 72-hour deadline, because customers can break down the overall 72 hours into relevant segments with sub-timers and alerts related to specific tasks. Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 3
4 Reminders and alerts built in to workflows can be integrated with critical event management solutions such as Whispir and Everbridge to distribute urgent communications. Orchestration can also be used to automatically invoke required activities, such as the immediate triggering of a conference call for a preselected group of people/roles. The solution also provides a GDPR simulation capability, enabling organizations to rehearse or informally audit their processes and responses, and to train people in GDPR data breach scenarios. Data sheet Key facts Table 1: Data sheet: IBM Resilient Product name IBM Resilient Product classification Security incident response/orchestration Version number v.31 Release date May 2018 Industries covered All Geographies covered All Relevant company sizes Midsize and larger Licensing options SaaS or Perpetual URL resilientsystems.com Routes to market Direct and IBM-approved VARs Company headquarters Cambridge, MA, US Source: Ovum Appendix On the Radar On the Radar is a series of research notes about vendors bringing innovative ideas, products, or business models to their markets. Although On the Radar vendors may not be ready for prime time, they bear watching for their potential impact on markets and could be suitable for certain enterprise and public sector IT organizations. Further reading The importance and breadth of GDPR obligations on data breach reporting should not be underestimated, INT (May 2018) Author Alan Rodger, Senior Analyst, Infrastructure Solutions Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 4
5 Ovum Consulting We hope that this analysis will help you make informed and imaginative business decisions. If you have further requirements, Ovum s consulting team may be able to help you. For more information about Ovum s consulting capabilities, please contact us directly at consulting@ovum.com. Copyright notice and disclaimer The contents of this product are protected by international copyright laws, database rights and other intellectual property rights. The owner of these rights is Informa Telecoms and Media Limited, our affiliates or other third party licensors. All product and company names and logos contained within or appearing on this product are the trademarks, service marks or trading names of their respective owners, including Informa Telecoms and Media Limited. This product may not be copied, reproduced, distributed or transmitted in any form or by any means without the prior permission of Informa Telecoms and Media Limited. Whilst reasonable efforts have been made to ensure that the information and content of this product was correct as at the date of first publication, neither Informa Telecoms and Media Limited nor any person engaged or employed by Informa Telecoms and Media Limited accepts any liability for any errors, omissions or other inaccuracies. Readers should independently verify any facts and figures as no liability can be accepted in this regard readers assume full responsibility and risk accordingly for their use of such information and content. Any views and/or opinions expressed in this product by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Informa Telecoms and Media Limited. Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 5
6 CONTACT US ovum.informa.com INTERNATIONAL OFFICES Beijing Dubai Hong Kong Hyderabad Johannesburg London Melbourne New York San Francisco Sao Paulo Tokyo
On the Radar: Condusiv Technologies
On the Radar: Condusiv Technologies Reducing I/O in both the physical and virtual environments Publication Date: 27 Apr 2015 Product code: IT0022-000341 Roy Illsley Summary Catalyst The modern data center
More informationOn the Radar: Positive Technologies protects against SS7 network vulnerabilities
On the Radar: Positive Technologies protects against SS7 network vulnerabilities PT SS7 Attack Discovery detects SS7 network intrusions Publication Date: 14 Feb 2017 Product code: IT0022-000885 Andrew
More informationOn the Radar: Kenna Security protects enterprises against data breaches
On the Radar: Kenna Security protects enterprises against data breaches Kenna offers continuous analysis of vulnerabilities and prioritizes remediation activities Publication Date: 27 Mar 2018 Product
More informationOracle bakes security into its DNA
Publication Date: 16 Nov 2018 Product code: INT003-000287 Maxine Holt Ovum view Summary At the inaugural Oracle Security Summit held at the company s stunning Santa Clara campus in September 2018, analysts
More informationOn the Radar: Peplink
Multi-link WAN load balancing Publication Date: 26 Sep 2014 Product code: IT0022-000130 Roy Illsley Summary Catalyst The Internet and the mobile telephone have changed both business-model and user expectations
More informationOn the Radar: IronScales offers anti-phishing defense suite
On the Radar: IronScales offers anti-phishing defense suite Awareness training, automated forensics, remediation, intelligence sharing, and anomaly detection Summary Catalyst IronScales offers a suite
More informationOn the Radar: Carbon Black defends against malware and fileless
On the Radar: Carbon Black defends against malware and fileless attacks Cb Defense combines next-generation antivirus and endpoint detection and response Publication Date: 21 Jul 2017 Product code: IT0022-001039
More informationVeeam demonstrates its ambitions and capabilities
Veeam demonstrates its ambitions and capabilities Publication Date: 14 Jul 2016 Product code: IT0022-000730 Roy Illsley Ovum view Summary The market for data protection and availability is undergoing a
More informationOn the Radar: Ziften enables continuous endpoint monitoring
On the Radar: Ziften enables continuous endpoint monitoring The Zenith platform can also run custom scripts for remediation Publication Date: 04 May 2017 Product code: IT0022-000962 Rik Turner Summary
More informationOn the Radar: Cloudmark Trident addresses spear phishing
On the Radar: Cloudmark Trident addresses spear phishing Context and behavioral analysis pick up attacks that may have no malicious payload Publication Date: 17 Feb 2016 Product code: IT0022-000603 Rik
More informationOn the Radar: Comodo protects endpoints by using containment with local and cloud-based inspection
On the Radar: Comodo protects endpoints by using containment with local and cloud-based inspection Sale of certificate authority business enables Comodo to focus on product development Publication Date:
More informationOn the Radar: Prevoty provides a runtime application security platform for the enterprise
On the Radar: Prevoty provides a runtime application security platform for the enterprise Protection for large-scale runtime environments Publication Date: 29 Dec 2015 Product code: IT0021-000138 Richard
More informationCase Study: Delivering Oracle Applications and Infrastructure in the Cloud
Case Study: Delivering Oracle Applications and Infrastructure in the Cloud How BT in Spain used Oracle s Private Cloud Appliance to deliver flexible cloud services Publication Date: 26 Jan 2016 Product
More informationB2B Takes Center Stage at Huawei s Ultra-Broadband Forum
B2B Takes Center Stage at Huawei s Ultra-Broadband Forum Ovum view Summary Ovum recently attended Huawei s Ultra-Broadband Forum, an event aimed at its top customers, partners and other key players in
More informationNeustar forms partnership with Limelight for turbocharged DDoS mitigation
Neustar forms partnership with Limelight for turbocharged DDoS mitigation Publication Date: 28 Jun 2016 Product code: IT0022-000723 Rik Turner Ovum view Summary Neustar, a provider of real-time cloud-based
More informationEffective Vulnerability Risk Management
Effective Vulnerability Risk Management Maintaining security and compliance in a modern IT supply chain Publication Date: August 14, 2018 Author: Roy Illsley Summary Catalyst The reality for many data
More informationDataStax stays the open core course as it reconnects with the Apache Cassandra community
DataStax stays the open core course as it reconnects with the Apache Cassandra community Publication Date: 18 Dec 2018 Product code: INT002-000204 Tony Baer Ovum view Summary With its latest open source
More informationThe strengthening case for fixed wireless broadband
The strengthening case for fixed wireless broadband Publication Date: 21 08 2018 Julian Bright Summary Ovum view Ubiquitous and affordable access to broadband is fundamental to building a modern digital
More informationOn the Radar: NuDetect uses behavioral biometrics to detect security violations and verify trusted users
On the Radar: NuDetect uses behavioral biometrics to detect security violations and verify trusted users Publication Date: 20 Oct 2017 Product code: IT0021-000263 Adam Holtby Summary Catalyst Balancing
More informationOptical Networks Booming in India
Major build cycle in India to support a rapidly modernizing mobile network infrastructure Publication Date: 13 Nov 2017 Product code: SPT002-000010 Don Frey Summary Catalyst India has been the best-performing
More informationDataStax Enterprise 6 extends Apache Cassandra
DataStax Enterprise 6 extends Apache Cassandra Ovum view Summary As one of the most popular NoSQL databases, Apache Cassandra has been known for its ability to handle extremely massive scales of structured
More informationOptical network futures Taking the carrier pulse
Optical network futures Taking the carrier pulse A KNect365 & Ovum survey of 60 communications service providers on optical network deployment plans and progress Ian Redpath, Principal Analyst, Service
More informationBusiness-Driven Security: An Essential Approach to Enterprise Protection and Compliance
Business-Driven Security: An Essential Approach to Enterprise Protection and Compliance Risk-enabled integration of security with business priorities is key to achieving the right protection Publication
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationSOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE
HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling
More informationSOC 3 for Security and Availability
SOC 3 for Security and Availability Independent Practioner s Trust Services Report For the Period October 1, 2015 through September 30, 2016 Independent SOC 3 Report for the Security and Availability Trust
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationThe Role of the Data Protection Officer
The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services
More informationGDPR: An Opportunity to Transform Your Security Operations
GDPR: An Opportunity to Transform Your Security Operations McAfee SIEM solutions improve breach detection and response Is your security operations GDPR ready? General Data Protection Regulation (GDPR)
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationEU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS
EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS MEET THE EXPERTS DAVID O LEARY Director, Forsythe Security Solutions THOMAS ECK Director, Forsythe Security Solutions ALEX HANWAY Product
More informationTIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE
TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationGDPR COMPLIANCE REPORT
2018 GDPR COMPLIANCE REPORT INTRODUCTION Effective as of May 25, 2018, the European Union General Data Protection Regulation (GDPR) represents the most sweeping change in data privacy regulation in decades.
More informationCybersecurity Considerations for GDPR
Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union
More informationEU data security and privacy trends
EU data security and privacy trends Top issues for HR and global mobility 26 29 October 2014 Disclaimer EY refers to the global organization, and may refer to one or more, of the member firms of Ernst
More information2017 RIMS CYBER SURVEY
2017 RIMS CYBER SURVEY This report marks the third year that RIMS has surveyed its membership about cyber risks and transfer practices. This is, of course, a topic that only continues to captivate the
More informationFact Or Fiction: The State Of GDPR Compliance
A Forrester Consulting Thought Leadership Paper Commissioned By RSA December 2017 Fact Or Fiction: The State Of GDPR Compliance GDPR Compliance Requires More Than IT Table Of Contents 1 2 6 9 12 13 Executive
More informationARE YOU READY FOR GDPR?
SQL Security Whitepaper ARE YOU READY FOR GDPR? BY BOB FULLAM AND STEPHEN STOUT Demonstrate Compliance with IDERA SQL Security Suite OVERVIEW The European Union s General Data Protection Regulation (GDPR)
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationSecurity Breach Notification Reflections on the U.S. Experience
Compliance & Regulatory Matters Data Privacy Security Breach Notification Reflections on the U.S. Experience Bojana Bellamy Director of Data Privacy Accenture Brief History of Breach Notification Laws
More informationDealing with Security and Security Breaches
BEIJING BRUSSELS CHICAGO DALLAS FRANKFURT GENEVA HONG KONG LONDON LOS ANGELES NEW YORK PALO ALTO SAN FRANCISCO SHANGHAI SINGAPORE SYDNEY TOKYO WASHINGTON, D.C. Dealing with Security and Security Breaches
More informationTechnical Brief Enterprise Vault Privileged Delete
1 Feature Description Enterprise Vault 12.3 and Discovery Accelerator 12.3 offer a new feature called. The feature has the following benefits: This feature will help customers to comply with regulations,
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationAltitude Software. Data Protection Heading 2018
Altitude Software Data Protection Heading 2018 How to prevent our Contact Centers from Data Leaks? Why is this a priority for Altitude? How does it affect the Contact Center environment? How does this
More informationTrends to Watch: Managed Security Services. Providers invest in automation, tools, and skills as enterprises struggle with new regulations
ovum.informa.com 2018 Trends to Watch: Managed Security Services Providers invest in automation, tools, and skills as enterprises struggle with new regulations Summary Recommendations Catalyst Managed
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationIBM Compliance Offerings For Verse and S1 Cloud. 01 June 2017 Presented by: Chuck Stauber
IBM Compliance Offerings For Verse and S1 Cloud 01 June 2017 Presented by: Chuck Stauber IBM Connections & Verse Email and collaboration platform designed to help you work better Empower people Teams are
More informationIBM Resilient Incident Response Platform On Cloud
Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationEU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?
EU GDPR and Email The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of the personal data of European Union (EU) citizens across all EU markets. It replaces existing
More informationCyber Security Law --- Are you ready?
Cyber Security Law --- Are you ready? Xun Yang Of Counsel, Commercial IP and Technology 9 May 2017 1 / B_LIVE_APAC1:2207856v1 Content Overview of Cyber Security Law Legislative Development Key Issues in
More informationPRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology 24 October 2017 Content Overview of Cyber Security Law Observations on Implementation of Cyber
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationDemystifying Governance, Risk, and Compliance (GRC) with 4 Simple Use Cases. Gen Fields Senior Solution Consultant, Federal Government ServiceNow
Demystifying Governance, Risk, and Compliance (GRC) with 4 Simple Use Cases Gen Fields Senior Solution Consultant, Federal Government ServiceNow 1 Agenda The Current State of Governance, Risk, and Compliance
More informationOCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA)
OCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA) This is a License Agreement (the "Agreement") for certain code (the Software ) owned by Akamai Technologies, Inc. ( Akamai ) that is useful in connection
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationSCHOOL SUPPLIERS. What schools should be asking!
SCHOOL SUPPLIERS What schools should be asking! Page:1 School supplier compliance The General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and will be applied into UK law via the updated
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationWeb Data Integration: A new source of competitive advantage
Web Data Integration: A new source of competitive advantage An Ovum white paper for Import.io Publication Date: 29 January 2019 Author: Tony Baer Summary Catalyst Web data provides key indicators into
More informationIBM Resilient Incident Response Platform On Cloud
Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationGDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10
GDPR AMC SAAS AND HOSTED MODULES UK version AMC Consult A/S June 26, 2018 Version 1.10 INDEX 1 Signatures...3 2 General...4 3 Definitions...5 4 Scoping...6 4.1 In scope...6 5 Responsibilities of the data
More informationHow to Establish Security & Privacy Due Diligence in the Cloud
How to Establish Security & Privacy Due Diligence in the Cloud Presentation: Cloud Computing Expo 2015, Santa Clara, California Maria C. Horton, CISSP, ISSMP, Cloud Essentials, IAM CEO, EmeSec Incorporated
More informationThe GDPR data just got personal
GDPR QUICK REFERENCE GUIDE The GDPR data just got personal What it is, what it means and how it affects you The GDPR is a gamechanger for organizations holding, and protecting, personal, identifiable data
More informationMartijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain
Merritt Maxim Principal Analyst Forrester Martijn Loderus Director & Global Practice Partner for Advisory Consulting Janrain Merritt and Martijn will share insights on Digital Transformation & Drivers
More informationMNsure Privacy Program Strategic Plan FY
MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term
More informationCognizant Cloud Security Solution
CLOUD SECURITY OVERVIEW Cognizant Cloud Security Solution Transform your security operation to protect your business across public and hybrid cloud environments. December 2017 The advantages of moving
More informationUnderstanding Cyber Insurance & Regulatory Drivers for Business Continuity
Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Michael Eva, London Grid for Learning What is GDPR? General Data Protection Regulation (GDPR) protects the personal data of EU citizens regardless of where the
More informationQ&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR )
Q&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR ) May 2018 Document Classification Public Q&A for Citco Fund Services clients in relation to The General Data Protection
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationNEWSFLASH GDPR N 8 - New Data Protection Obligations
GDPR N 8 May 2017 NEWSFLASH GDPR N 8 - New Data Protection Obligations Following the adoption of the new EU General Data Protection Regulation (GDPR) on 27 April 2016, most organisations began to re-examine
More informationThe GDPR and NIS Directive: Risk-based security measures and incident notification requirements
The GDPR and NIS Directive: Risk-based security measures and incident notification requirements Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 4 May 2017 Introduction Adrian Ross GRC consultant
More informationGDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ
GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool Contact Ashley House, Ashley Road London N17 9LZ 0333 234 4288 info@networkiq.co.uk The General Data Privacy Regulation
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationOverview of Key E.U. and U.S. Privacy and Cybersecurity Laws. Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018
Overview of Key E.U. and U.S. Privacy and Cybersecurity Laws Brett Lockwood Smith, Gambrell & Russell, LLP May 15, 2018 Agenda Principal Obligations Under GDPR Key U.S. Privacy & Cybersecurity Laws E.U.
More informationFirst aid toolkit for the management of data breaches. Mary Deligianni Senior Associate 15 February 2018
First aid toolkit for the management of data breaches Mary Deligianni Senior Associate 15 February 2018 What is a personal data breach? Breach of security which leads to the accidental or unlawful destruction,
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationWhite Paper. How to Write an MSSP RFP
White Paper How to Write an MSSP RFP https://www.solutionary.com (866) 333-2133 Contents 3 Introduction 3 Why a Managed Security Services Provider? 5 Major Items to Consider Before Writing an RFP 5 Current
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationData Processing Agreement
Data Processing Agreement Merchant (the "Data Controller") and Nets (the "Data Processor") (separately referred to as a Party and collectively the Parties ) have concluded this DATA PROCESSING AGREEMENT
More informationDFARS Cyber Rule Considerations For Contractors In 2018
Portfolio Media. Inc. 111 West 19 th Street, 5th Floor New York, NY 10011 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com DFARS Cyber Rule Considerations For Contractors
More informationNetwork and Information Security Directive
Network and Information Security Directive Provisions + ENISA s activities Dr Evangelos Ouzounis Head of Secure Infrastructure and Services Unit, ENISA European Union Agency for Network and Information
More informationGDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd
GDPR Processor Security Controls GDPR Toolkit Version 1 Datagator Ltd Implementation Guidance (The header page and this section must be removed from final version of the document) Purpose of this document
More informationTerms of Use. Changes. General Use.
Terms of Use THESE TERMS AND CONDITIONS (THE TERMS ) ARE A LEGAL CONTRACT BETWEEN YOU AND SPIN TRANSFER TECHNOLOGIES ( SPIN TRANSFER TECHNOLOGIES, STT, WE OR US ). THE TERMS EXPLAIN HOW YOU ARE PERMITTED
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationCisco Spark and GDPR. Thomas Flambeaux. Collaboration Consulting Solution Engineer, Security and Compliance. Cisco Connect 2018 Copenhagen April 12th
Cisco Spark and GDPR Thomas Flambeaux Collaboration Consulting Solution Engineer, Security and Compliance Cisco Connect 2018 Copenhagen April 12th 2015 Cisco and/or its affiliates. All rights reserved.
More informationencrypted, and that all portable devices (laptops, phones, thumb drives, etc.) be encrypted while in use and while at rest?
Data Privacy According to statistics provided by the Data Breach Level Index, hackers and thieves are stealing more than 227,000 personal records per hour as of 2017, generally targeting customer information
More informationEco Web Hosting Security and Data Processing Agreement
1 of 7 24-May-18, 11:50 AM Eco Web Hosting Security and Data Processing Agreement Updated 19th May 2018 1. Introduction 1.1 The customer agreeing to these terms ( The Customer ), and Eco Web Hosting, have
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More information