Security Operations Center: - Is It The Right Answer For New EU Cybersecurity Law?
[Diagram: SOC functions]
• SIR: Security Incident Response
• SOA: Security Operations Automation
• TVM: Threat and Vulnerability Management
More information: The Five Characteristics of an Intelligence-Driven Security Operations Center, Gartner 2015
© 1991 − 2017, CLICO.eu
More information: http://eur-lex.europa.eu/eli/reg/2016/679/oj
Risk-based approach to security
Source: ISO/IEC 29134 - Information technology — Security techniques — Guidelines for privacy impact assessment, First edition 2017-06
No more “checklist” approach to security
Article 32
Security of processing
How to effectively protect Sensitive Data?
MULTILAYERED SECURITY IS RECOMMENDED*
[Figure: steps of multilayered protection; only step "2. Define access" is legible]
* More information: ISSA Journal, February 2017, Patrick Looney, "Practical Steps for Compliance with New EU Data Privacy Regulations".
Practical Steps for Compliance with New EU Data Privacy Regulations
[Figure: DLP architecture; labels: Most Accurate, Machine Learning, Storage]
1. DLP protects sensitive data locally on user computers, including data copied from databases, without sending the data to the DLP server. DLP works even when the user computer is offline.
2. DLP protects sensitive data locally on web proxies and mail gateways, without sending the data to the DLP server, so sensitive data is less exposed to manipulation on the network.
3. DLP protects sensitive data in cloud apps, e.g. the Email Gateway for Office 365.
4. DLP detects sensitive data embedded in images and scanned PDF documents using Optical Character Recognition (OCR).
5. DLP detects leaks carried out over a long period by aggregating many small pieces of data (Drip DLP feature), which a per-transfer threshold alone would miss.
6. DLP automatically classifies incidents, assesses their risk and prioritizes them based on event aggregation and user behavior (Incident Risk Ranking feature).
7. DLP integrates with User & Entity Behavior Analytics (UEBA) solutions and takes action depending on the user's behavior and risk.
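The two detection ideas in items 5 and 6 (aggregating small transfers over a rolling window, then ranking the resulting incidents by risk) can be shown in working code. The block below is an added example, not code from the original slides or from any DLP product: the event format, the thresholds, the scoring weights and the tiered actions are assumptions chosen for illustration, and the event list is constructed sample data. It runs a classic single-transfer rule and a drip rule side by side over the same events, so the drip case (a user moving 9 records at a time until the aggregate crosses 100) is caught while each individual transfer stays far below the per-transfer threshold.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample DLP endpoint/gateway events (not real telemetry):
# (user, ISO timestamp, channel, number of sensitive records in the transfer).
SAMPLE_EVENTS = [
    ("kate",  "2017-09-01T09:05:00", "email",   9),
    ("kate",  "2017-09-01T14:30:00", "usb",     9),
    ("alice", "2017-09-01T10:00:00", "email",   5),
    ("kate",  "2017-09-02T09:10:00", "email",   9),
    ("bob",   "2017-09-02T11:00:00", "email", 120),
    ("kate",  "2017-09-02T15:00:00", "webmail", 9),
    ("kate",  "2017-09-03T09:15:00", "usb",     9),
    ("alice", "2017-09-03T10:00:00", "usb",     5),
    ("kate",  "2017-09-03T23:30:00", "email",   9),
    ("kate",  "2017-09-04T10:00:00", "email",   9),
    ("kate",  "2017-09-04T16:00:00", "usb",     9),
    ("kate",  "2017-09-05T09:00:00", "webmail", 9),
    ("kate",  "2017-09-05T13:00:00", "email",   9),
    ("alice", "2017-09-05T10:00:00", "email",   5),
    ("kate",  "2017-09-06T09:30:00", "usb",     9),
    ("kate",  "2017-09-06T17:45:00", "email",   9),
]

# Assumed thresholds for the illustration.
PER_EVENT_THRESHOLD = 50   # classic rule: one transfer this large is an incident
DRIP_THRESHOLD = 100       # drip rule: this many records from small transfers in the window
WINDOW = timedelta(days=7)


@dataclass
class Incident:
    user: str
    kind: str                  # "single" or "drip"
    detected_at: datetime
    records: int
    events: int
    channels: set = field(default_factory=set)
    off_hours_events: int = 0


def is_off_hours(ts):
    """Assumed working hours 07:00-20:00; anything outside counts as off-hours."""
    return ts.hour < 7 or ts.hour >= 20


def detect(events, per_event=PER_EVENT_THRESHOLD, drip=DRIP_THRESHOLD, window=WINDOW):
    """Apply the single-event rule and the drip (aggregation) rule in time order.
    Large transfers fire immediately and are not counted toward the drip total;
    small transfers accumulate per user in a rolling window, and the first time
    the window total reaches the drip threshold one drip incident is raised."""
    incidents = []
    recent = defaultdict(deque)   # user -> deque of (ts, channel, records) small events
    drip_reported = set()
    for user, ts_str, channel, records in sorted(events, key=lambda e: e[1]):
        ts = datetime.fromisoformat(ts_str)
        if records >= per_event:
            incidents.append(Incident(user, "single", ts, records, 1,
                                      {channel}, int(is_off_hours(ts))))
            continue
        q = recent[user]
        q.append((ts, channel, records))
        while q and ts - q[0][0] > window:     # drop events older than the window
            q.popleft()
        total = sum(r for _, _, r in q)
        if total >= drip and user not in drip_reported:
            drip_reported.add(user)
            incidents.append(Incident(
                user, "drip", ts, total, len(q),
                {c for _, c, _ in q},
                sum(1 for t, _, _ in q if is_off_hours(t)),
            ))
    return incidents


def risk_score(inc, drip=DRIP_THRESHOLD):
    """0-100 score (assumed weights): volume relative to the drip threshold,
    spread across exfiltration channels, and off-hours activity."""
    score = min(50, 50 * inc.records // drip)
    score += 10 * len(inc.channels)
    score += 15 * inc.off_hours_events
    return min(100, score)


def risk_group(score):
    """Map a score to a risk group and the tiered response applied to it."""
    if score >= 80:
        return "high", "block"
    if score >= 40:
        return "medium", "monitor"
    return "low", "log"


def rank(events):
    """Detect, score and order incidents so analysts see the riskiest user first."""
    ranked = []
    for inc in detect(events):
        score = risk_score(inc)
        group, action = risk_group(score)
        ranked.append((inc.user, inc.kind, score, group, action, inc.records, inc.events))
    ranked.sort(key=lambda r: r[2], reverse=True)
    return ranked


if __name__ == "__main__":
    for row in rank(SAMPLE_EVENTS):
        print(row)
```

On the sample data the drip rule raises kate's incident at the twelfth 9-record transfer (108 records across three channels, one at 23:30), which the single-transfer rule never sees; bob's one 120-record email is caught by the classic rule but scores lower because it used a single channel during working hours; alice's 15 records stay below both thresholds. The weights are deliberately simple; in practice they would be tuned against the organization's own baseline of normal transfer volume.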
Practical Steps for Compliance with New EU Data Privacy Regulations
• GDPR Art. 33
Mandatory incident reporting for personal data breach
• NIS Directive Art. 16 (4)
Mandatory incident reporting for digital service providers
• Telecom Framework Directive Art. 13a
Mandatory incident reporting in the telecom sector
• eIDAS regulation Art. 19
Mandatory incident reporting for trust service providers
GDPR Art. 33: (…), not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority (...). The notification shall at least:
(a) describe the nature of the personal data breach including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
(b) communicate the name and contact details (…);
(c) describe the likely consequences of the personal data breach;
(d) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, (…)
gartners-top-10-technology-trends-2017/
UEBA PURPOSE-BUILT UI FOR ANALYSTS
• Identify highest-risk employees
• Fast, friendly forensics
Forcepoint UEBA
Analytics for Data & User Protection
High Risk Group policy: observe Kate's every user & machine detail and block all data transfers or copies anywhere.
Medium Risk Group policy: observe Kate much more closely, with video from local cache.