SlideShare una empresa de Scribd logo
1 de 40
Descargar para leer sin conexión
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR
Is machine data relevant and how can it help?
GIOVANNI MORREALE
EMEA Technical Distribution Manager
The European General Data Protection Regulation
PRAGUE 1ST NOVEMBER 2017
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Goal of the General Data Protection Regulation
“The aim of the GDPR is to protect all EU
citizens from privacy and data breaches
in an increasingly data-driven world”
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR
Briefing Overview
GDPR
A Deeper Look
How Splunk
supports GDPR
compliance
Splunk and
Reporting
Examples
Agenda
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR
Briefing Overview
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR Timelines
The regulation is binding across all EU members states
January, 2012
Commissioner Proposed reform
to Data Protection regulation
May, 2018
Effective Data Protection
Framework comes into force (25th
May, 2018)
April, 2016
EU Council adopted new
regulation
December, 2015
EU agreement on regulation
including the UK after Brexit
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Key Features of GDPR
Applicable to any company doing business in the European Union
European
Data
Protection
Harmoniza
tion
Fines up
to
€20m or
4% of
turnove
r
Mandatory
Privacy
Impact
Assessme
nts
Privacy by
Design &
Default
72 Hour
Breach
Notificatio
n
Mandator
y Data
Erasure &
Portability
Consent
for
Personal
Data
Profiling
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR Advice
from the
information
commisioner
office
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
GDPR
A Deeper Look
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Looking into the Details
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Taking into account the state of the art, the costs of implementation and the
nature, scope, context and purposes of processing as well as the risk of varying
likelihood and severity for the rights and freedoms of natural persons, the
controller and the processor shall implement appropriate technical and
organisational measures to ensure a level of security appropriate to the risk,
including inter alia as appropriate:
Article 32 – Security of processing
Understand Threats
& Risks
Use of Encryption &
Anonymization
Regular Evaluation
of the Security Policy
& Practices
Ensure
Confidentiality,
Integrity, Availability
and Resilience of
PII Systems and
Services
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
1. In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72
hours after having become aware of it, notify the personal data breach to the supervisory authority competent in
accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural
persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons
for the delay.
...
3. The processor shall notify the controller without undue delay after becoming aware of a personal data breach.
The notification referred to in paragraph 1 shall at least:
(a) describe the nature of the personal data breach including where possible, the categories and approximate number
of data subjects concerned and the categories and approximate number of personal data records concerned;
(b) communicate the name and contact details of the data protection officer or other contact point where more information
can be obtained;
(c) describe the likely consequences of the personal data breach;
(d) describe the measures taken or proposed to be taken by the controller to address the personal data breach,
including, where appropriate, measures to mitigate its possible adverse effects
....
Article 33 – Notification of a personal data breach
to the supervisory authority
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
“In the case of a personal data breach, the controller shall without undue delay and, where feasible, not
later than 72 hours after having become aware of it, notify the personal data breach to the supervisory
authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a
risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not
made within 72 hours, it shall be accompanied by reasons for the delay.” …
1. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural
persons, the controller shall communicate the personal data breach to the data subject without undue
delay.
2. The communication to the data subject referred to in paragraph 1 of this Article shall describe in clear and
plain language the nature of the personal data breach and contain at least the information and
measures referred to in points (b), (c) and (d) of Article 33(3).
Article 34 – Communication of a personal data
breach to the data subject
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
“Each controller and, where applicable,
the controller's representative, shall
maintain a record of processing activities
under its responsibility”
Article 30 – Records of Processing Activity
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Finding of the ICO at a
Privacy Audit
Search and
Report on
data
processing
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
You wake up in the
morning and your
data privacy officer
is on the phone
The Day in a life of a
GDPR Breach
● Breach Happening, How it looks like
● Crisis Communication Internally
● Investigation Steps
● Finding out who was impacted, when it
did start, what type of a breach it was
● Communication Strategy Externally
● Data Privacy Audits from the
government
● You need to prove you did everything to
mitigate the risk for individuals
● You need to answer when did you know
what and how did you know about it?
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
How Splunk Supports
GDPR Compliance
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2016 SPLUNK INC. CONFIDENTIAL. INTERNAL USE ONLY.
Splunk can help your Organization with GDPR
▶ GDPR about People (IT & Legal), Process and
Technology
▶ Splunk helps to detect, prevent and investigate
breaches
• Breach Notification Article
• Breach Communication to Individuals Article
• Implement appropriate techn. Measures (Article)
▶ Prove GDPR security controls are enforced
• Data security article / state of the art tech / implement
appropriate techn. Measures
▶ Search and report on personal data processing
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Prove GDPR
Security Controls
are enforced
Detect, Prevent
and Investigate
Data Breaches
Search and Report
on Personal Data
Processing
Splunk for GDPR
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Splunk for GDPR
Detect, Prevent
and Investigate
Data Breaches The Forrester Wave:
Security Analytics Platforms, Q1 2017Gartner MQ for SIEM, Aug. 2016
IT Operations
Application Delivery
Industrial Data & IoT
Business Analytics, Future Markets
IT Security, Compliance & Fraud
Monitor Detect Investigate Respond
Enterprise
ES, UEBA
On-Premise, Cloud, Hybrid | Analytics for Hadoop
Different people
asking
different questions…
…of the same data.
Machine
Data
Article 33 - Notification of a personal data breach to the supervisory authority
Article 34 - Communication of a personal data breach to the data subject
Data Breach
Notification
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Splunk for GDPR
Prove GDPR
Security Controls
are enforced
Article 32 - Security of processing
Article 58 - Supervisory Investigative Powers
Risk
Minimization
Report
Compliance
DPIA
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Splunk for GDPR
Search and Report
on Personal Data
Processing
Article 30 - Records of Processing Activity
Article 5, 15, 17, 18 and 28 - Data Subject Rights
Supply chain
Obligations
Right to be
Forgotten
Right of
rectification
Right of access
Right of data
portability
…
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Machine Data plays a critical role and helps your organization to
comply with the GDPR - Are you prepared?
We invite you to ask for a GDPR Workshop!
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
▶ What’s the current status within your Organizations? Data Impact Assessments
happened?
▶ Who owns the GDPR Program in your organization?
▶ What are the Key Challenges?
▶ What are expected changes that influences the IT Department? What changes
have happened already?
▶ What capabilities need to be established for breach notification?
▶ What capabilities need to be established for data privacy audits?
▶ How about monitoring of PII processing activities?
Questions to ask yourself
HINTS
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Visibility and Enforcement for GDPR
API
SDKs UI
Report Compliance
Detect, Prevent
and Investigate
Data Breaches
Example Data Sources…
On-Premise, Cloud, Hybrid
No rigid schemas – add in data from any other source.
Protect
…
Classify
SDM/ControlPoint
…
Find
Trust Center
…
Prove GDPR
Security Controls
are enforced
Search and Report
on Personal Data
Processing
Govern
Content Manager
…
Securiity
IT-Ops
Cloud
IoT
…
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Top Goals Top Splunk Benefits
▶ Continuously Protect the business
against:
• Data Breaches
• Malware
• Fraud
• IP Theft
▶ Comply with audit requirements
▶ Provide enterprise Visibility
▶ 70% to 90% improvement with
detection and research of events
▶ 70% to 95% reduction in security
incident investigation
▶ 10% to 30% reduction in risks
associated with data breaches, fraud
and IP theft
▶ 70% to 90% reduction in compliance
labour
Splunk for Security & Compliance
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
▶ Data in transit: Encryption
▶ Data at rest: Encryption
▶ Data at rest: Integrity
▶ Data/Fields within Splunk:
• Anonymization in raw event
• Anonymization in presentation layer
• Pseudonymization in raw event
• Pseudonymization in presentation layer
CTA: Pseudonymization of PII
Stay compliant whatever occurs in your machine data
risk
minimization
strategy
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Splunk
and
Reporting Examples
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
How can Splunk help?
ALL DATA IS SECURITY RELEVANT
Security &
Compliance
Reporting
Real-time
Monitoring of
Known Threats
Detecting
Unknown
Threats
Fraud
Detection
Insider
Threat
Incident
Investigations
& Forensics
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Solution: Splunk, the Engine for Machine Data
Custom
dashboards
Report and
analyze
Monitor
and alert
Developer
Platform
Ad hoc
search
References – Coded fields, mappings, aliases
Dynamic information – Stored in non-traditional formats
Environmental context – Human maintained files, documents
System/application – Available only using application request
Intelligence/analytics – Indicators, anomaly, research, white/blacklist
Real-Time
Machine Data
On-Premises
Private Cloud
Public
Cloud
Storage
Online
Shopping Cart
Telecoms
Desktops
Security
Web
Services
Networks
Containers
Web
Clickstreams
RFID
Smartphones
and Devices
Servers
Messaging
GPS
Location
Packaged
Applications
Custom
Applications
Online
Services
DatabasesCall Detail
Records
Energy Meters
Firewall
Intrusion
Prevention
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
200+ APPS
The Splunk Platform for Security Intelligence
Splunk Enterprise (CORE)
Stream data
Cisco
Security Suite
Windows/ AD/
Exchange
Palo
Alto
Network
s
FireEy
e
Bit9
DShiel
d
DNS
OSSEC
Splunk UBASplunk for Security
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Thousands of Global Compliance Customers
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
▶ Who is accessing
which information?
Data Governance & Insight
Application Insights 360
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
▶ Assigned roles and
privileges
Data Governance & Insight
User Roles Overview
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Prove GDPR security
controls are enforced
Splunk helps to detect,
prevent and investigate
breaches
Search and report
on personal data
processing
What GDPR use cases does Splunk help solve?
Breach Investigation Notification: 72 Hours
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
▶ Next 7 Days
• Identify GDPR systems and applications in scope
• Find a lawyer within your organization and sync up with them to find out about their
requirements.
▶ Next 30 Days
• Review the current capabilities you have in place
• Think about how GDPR impacts the IT processes and systems you have already
• Review how the GDPR requirements can be incorporated into other compliance mandates you
have to comply with
• Reach out to us for a GDPR Workshop
Next Steps
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Thank you
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Backup Slides
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
How much control do you have over
the information you provide online?
To what extent do you trust authorities
and private organizations to protect
your data?
Key GDPR Drivers: Data Protection & Privacy
The Eurobarometer survey – June 2015
© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Personal Data (PD)
• Data unique to an individual;
• Obvious identifiers → National Identifier, Passport No., Driver’s
License; email address (including work address)
• Less obvious identifiers → Cookies/beacons, IP address, MAC
address when connected to a person
Sensitive Data
• Ethnicity, gender orientation, race, religion, sex, health, criminal
history, etc.
Data….what data are we talking about?
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Thank You

Más contenido relacionado

La actualidad más candente

Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceIDERA Software
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slidesExponential_e
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]TrustArc
 
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...TrustArc
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...DATUM LLC
 
Data- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerData- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerCapgemini
 
A practical guide to GDPR preparation
A practical guide to GDPR preparationA practical guide to GDPR preparation
A practical guide to GDPR preparationPromapp Solutions
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesDimitri Sirota
 
Webianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkWebianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkLeigh Hill
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPRPaul O'Carroll
 
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
How is GDPR relevant for US companies
How is GDPR relevant for US companies How is GDPR relevant for US companies
How is GDPR relevant for US companies Patric Dahse
 
Beyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal AuditBeyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal AuditOmo Osagiede
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]TrustArc
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data GovernanceDATUM LLC
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processingTim Gough
 

La actualidad más candente (20)

Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
 
12th July GDPR event slides
12th July GDPR event slides12th July GDPR event slides
12th July GDPR event slides
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
 
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar...
 
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
Six Steps to Addressing Data Governance under GDPR and US Privacy Shield Regu...
 
Data- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerData- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offer
 
A practical guide to GDPR preparation
A practical guide to GDPR preparationA practical guide to GDPR preparation
A practical guide to GDPR preparation
 
BigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar SlidesBigID GDPR Compliance Automation Webinar Slides
BigID GDPR Compliance Automation Webinar Slides
 
Webianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection frameworkWebianr: GDPR: How to build a data protection framework
Webianr: GDPR: How to build a data protection framework
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPR
 
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
How is GDPR relevant for US companies
How is GDPR relevant for US companies How is GDPR relevant for US companies
How is GDPR relevant for US companies
 
Beyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal AuditBeyond GDPR Compliance - Role of Internal Audit
Beyond GDPR Compliance - Role of Internal Audit
 
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPR
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
 
GDPR How to get started?
GDPR  How to get started?GDPR  How to get started?
GDPR How to get started?
 

Destacado

Doing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and doDoing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and doPatric Dahse
 
Will the GDPR Kibosh EU-US Discovery?
Will the GDPR Kibosh EU-US Discovery? Will the GDPR Kibosh EU-US Discovery?
Will the GDPR Kibosh EU-US Discovery? Logikcull.com
 
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDays Riga
 
GDPR en Cloud security
GDPR en Cloud securityGDPR en Cloud security
GDPR en Cloud securityDelta-N
 
GDPR i offentlige anskaffelser
GDPR i offentlige anskaffelserGDPR i offentlige anskaffelser
GDPR i offentlige anskaffelserKjell Steffner
 
Ensuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify GuideEnsuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify GuideZymplify
 

Destacado (7)

Doing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and doDoing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and do
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
 
Will the GDPR Kibosh EU-US Discovery?
Will the GDPR Kibosh EU-US Discovery? Will the GDPR Kibosh EU-US Discovery?
Will the GDPR Kibosh EU-US Discovery?
 
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for DummiesDevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
DevOpsDaysRiga 2017: Edward van Deursen - GDPR in DevOps for Dummies
 
GDPR en Cloud security
GDPR en Cloud securityGDPR en Cloud security
GDPR en Cloud security
 
GDPR i offentlige anskaffelser
GDPR i offentlige anskaffelserGDPR i offentlige anskaffelser
GDPR i offentlige anskaffelser
 
Ensuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify GuideEnsuring GDPR Compliance - A Zymplify Guide
Ensuring GDPR Compliance - A Zymplify Guide
 

Similar a Splunk: How Machine Data Supports GDPR Compliance

A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachSplunk
 
A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany Splunk
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallSplunk
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France Splunk
 
CyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRCyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRIryna Chekanava
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...IT Governance Ltd
 
CyNation - 7 things you should know about EU-GDPR
CyNation - 7 things you should know about EU-GDPRCyNation - 7 things you should know about EU-GDPR
CyNation - 7 things you should know about EU-GDPRShadi A. Razak
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR ComplianceDATAVERSITY
 
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSAUlf Mattsson
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...Mailjet
 
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Codemotion
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRMatt Stubbs
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers Gary Dodson
 
GDPR Benefits and a Technical Overview
GDPR  Benefits and a Technical OverviewGDPR  Benefits and a Technical Overview
GDPR Benefits and a Technical OverviewErnest Staats
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR ComplianceGabor Farkas
 

Similar a Splunk: How Machine Data Supports GDPR Compliance (20)

What you will take away from this session
What you will take away from this sessionWhat you will take away from this session
What you will take away from this session
 
A Day in the Life of a GDPR Breach
A Day in the Life of a GDPR BreachA Day in the Life of a GDPR Breach
A Day in the Life of a GDPR Breach
 
A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France
 
CyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRCyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPR
 
The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...The GDPR and its requirements for implementing data protection impact assessm...
The GDPR and its requirements for implementing data protection impact assessm...
 
CyNation - 7 things you should know about EU-GDPR
CyNation - 7 things you should know about EU-GDPRCyNation - 7 things you should know about EU-GDPR
CyNation - 7 things you should know about EU-GDPR
 
Getting Started with GDPR Compliance
Getting Started with GDPR ComplianceGetting Started with GDPR Compliance
Getting Started with GDPR Compliance
 
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
 
GDPR - CISO Perspective
GDPR - CISO PerspectiveGDPR - CISO Perspective
GDPR - CISO Perspective
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSA
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
How to Work With 3rd Party Software Providers Under GDPR - A Digital Marketin...
 
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
Pronti per la legge sulla data protection GDPR? No Panic! - Domenico Maracci,...
 
Big Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPRBig Data LDN 2017: Applied AI for GDPR
Big Data LDN 2017: Applied AI for GDPR
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers GDPR solutions (JS Event 28/2/18) | Greenlight Computers
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
 
What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?What happens if you’re not ready for the GDPR?
What happens if you’re not ready for the GDPR?
 
GDPR Benefits and a Technical Overview
GDPR  Benefits and a Technical OverviewGDPR  Benefits and a Technical Overview
GDPR Benefits and a Technical Overview
 
5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance5 key steps for SMBs for reaching GDPR Compliance
5 key steps for SMBs for reaching GDPR Compliance
 

Más de MarketingArrowECS_CZ

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfMarketingArrowECS_CZ
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!MarketingArrowECS_CZ
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?MarketingArrowECS_CZ
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaMarketingArrowECS_CZ
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceMarketingArrowECS_CZ
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeMarketingArrowECS_CZ
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle softwareMarketingArrowECS_CZ
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?MarketingArrowECS_CZ
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoMarketingArrowECS_CZ
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. částMarketingArrowECS_CZ
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. částMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částMarketingArrowECS_CZ
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyMarketingArrowECS_CZ
 

Más de MarketingArrowECS_CZ (20)

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdf
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
 
Chráníte správně svoje data?
Chráníte správně svoje data?Chráníte správně svoje data?
Chráníte správně svoje data?
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management Platforma
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database Appliance
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Infinidat InfiniBox
Infinidat InfiniBoxInfinidat InfiniBox
Infinidat InfiniBox
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databáze
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle software
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplno
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. část
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. část
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): Storage
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): Compute
 
InfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastruktury
 

Último

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 

Último (20)

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 

Splunk: How Machine Data Supports GDPR Compliance

  • 1. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR Is machine data relevant and how can it help? GIOVANNI MORREALE EMEA Technical Distribution Manager The European General Data Protection Regulation PRAGUE 1ST NOVEMBER 2017
  • 2. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Goal of the General Data Protection Regulation “The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world”
  • 3. © 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR Briefing Overview GDPR A Deeper Look How Splunk supports GDPR compliance Splunk and Reporting Examples Agenda
  • 4. © 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR Briefing Overview
  • 5. © 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR Timelines The regulation is binding across all EU members states January, 2012 Commissioner Proposed reform to Data Protection regulation May, 2018 Effective Data Protection Framework comes into force (25th May, 2018) April, 2016 EU Council adopted new regulation December, 2015 EU agreement on regulation including the UK after Brexit
  • 6. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Key Features of GDPR Applicable to any company doing business in the European Union European Data Protection Harmoniza tion Fines up to €20m or 4% of turnove r Mandatory Privacy Impact Assessme nts Privacy by Design & Default 72 Hour Breach Notificatio n Mandator y Data Erasure & Portability Consent for Personal Data Profiling
  • 7. © 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR Advice from the information commisioner office
  • 8. © 2017 SPLUNK INC.© 2017 SPLUNK INC. GDPR A Deeper Look
  • 9. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Looking into the Details http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
  • 10. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: Article 32 – Security of processing Understand Threats & Risks Use of Encryption & Anonymization Regular Evaluation of the Security Policy & Practices Ensure Confidentiality, Integrity, Availability and Resilience of PII Systems and Services
  • 11. © 2017 SPLUNK INC.© 2017 SPLUNK INC. 1. In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay. ... 3. The processor shall notify the controller without undue delay after becoming aware of a personal data breach. The notification referred to in paragraph 1 shall at least: (a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned; (b) communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; (c) describe the likely consequences of the personal data breach; (d) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects .... Article 33 – Notification of a personal data breach to the supervisory authority
  • 12. © 2017 SPLUNK INC.© 2017 SPLUNK INC. “In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.” … 1. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay. 2. The communication to the data subject referred to in paragraph 1 of this Article shall describe in clear and plain language the nature of the personal data breach and contain at least the information and measures referred to in points (b), (c) and (d) of Article 33(3). Article 34 – Communication of a personal data breach to the data subject
  • 13. © 2017 SPLUNK INC.© 2017 SPLUNK INC. “Each controller and, where applicable, the controller's representative, shall maintain a record of processing activities under its responsibility” Article 30 – Records of Processing Activity
  • 14. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Finding of the ICO at a Privacy Audit Search and Report on data processing
  • 15. © 2017 SPLUNK INC.© 2017 SPLUNK INC. You wake up in the morning and your data privacy officer is on the phone The Day in a life of a GDPR Breach ● Breach Happening, How it looks like ● Crisis Communication Internally ● Investigation Steps ● Finding out who was impacted, when it did start, what type of a breach it was ● Communication Strategy Externally ● Data Privacy Audits from the government ● You need to prove you did everything to mitigate the risk for individuals ● You need to answer when did you know what and how did you know about it?
  • 16. © 2017 SPLUNK INC.© 2017 SPLUNK INC. How Splunk Supports GDPR Compliance
  • 17. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2016 SPLUNK INC. CONFIDENTIAL. INTERNAL USE ONLY. Splunk can help your Organization with GDPR ▶ GDPR about People (IT & Legal), Process and Technology ▶ Splunk helps to detect, prevent and investigate breaches • Breach Notification Article • Breach Communication to Individuals Article • Implement appropriate techn. Measures (Article) ▶ Prove GDPR security controls are enforced • Data security article / state of the art tech / implement appropriate techn. Measures ▶ Search and report on personal data processing
  • 18. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Prove GDPR Security Controls are enforced Detect, Prevent and Investigate Data Breaches Search and Report on Personal Data Processing Splunk for GDPR
  • 19. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Splunk for GDPR Detect, Prevent and Investigate Data Breaches The Forrester Wave: Security Analytics Platforms, Q1 2017Gartner MQ for SIEM, Aug. 2016 IT Operations Application Delivery Industrial Data & IoT Business Analytics, Future Markets IT Security, Compliance & Fraud Monitor Detect Investigate Respond Enterprise ES, UEBA On-Premise, Cloud, Hybrid | Analytics for Hadoop Different people asking different questions… …of the same data. Machine Data Article 33 - Notification of a personal data breach to the supervisory authority Article 34 - Communication of a personal data breach to the data subject Data Breach Notification
  • 20. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Splunk for GDPR Prove GDPR Security Controls are enforced Article 32 - Security of processing Article 58 - Supervisory Investigative Powers Risk Minimization Report Compliance DPIA
  • 21. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Splunk for GDPR Search and Report on Personal Data Processing Article 30 - Records of Processing Activity Article 5, 15, 17, 18 and 28 - Data Subject Rights Supply chain Obligations Right to be Forgotten Right of rectification Right of access Right of data portability …
  • 22. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Machine Data plays a critical role and helps your organization to comply with the GDPR - Are you prepared? We invite you to ask for a GDPR Workshop!
  • 23. © 2017 SPLUNK INC.© 2017 SPLUNK INC. ▶ What’s the current status within your Organizations? Data Impact Assessments happened? ▶ Who owns the GDPR Program in your organization? ▶ What are the Key Challenges? ▶ What are expected changes that influences the IT Department? What changes have happened already? ▶ What capabilities need to be established for breach notification? ▶ What capabilities need to be established for data privacy audits? ▶ How about monitoring of PII processing activities? Questions to ask yourself HINTS
  • 24. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Visibility and Enforcement for GDPR API SDKs UI Report Compliance Detect, Prevent and Investigate Data Breaches Example Data Sources… On-Premise, Cloud, Hybrid No rigid schemas – add in data from any other source. Protect … Classify SDM/ControlPoint … Find Trust Center … Prove GDPR Security Controls are enforced Search and Report on Personal Data Processing Govern Content Manager … Securiity IT-Ops Cloud IoT …
  • 25. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Top Goals Top Splunk Benefits ▶ Continuously Protect the business against: • Data Breaches • Malware • Fraud • IP Theft ▶ Comply with audit requirements ▶ Provide enterprise Visibility ▶ 70% to 90% improvement with detection and research of events ▶ 70% to 95% reduction in security incident investigation ▶ 10% to 30% reduction in risks associated with data breaches, fraud and IP theft ▶ 70% to 90% reduction in compliance labour Splunk for Security & Compliance
  • 26. © 2017 SPLUNK INC.© 2017 SPLUNK INC. ▶ Data in transit: Encryption ▶ Data at rest: Encryption ▶ Data at rest: Integrity ▶ Data/Fields within Splunk: • Anonymization in raw event • Anonymization in presentation layer • Pseudonymization in raw event • Pseudonymization in presentation layer CTA: Pseudonymization of PII Stay compliant whatever occurs in your machine data risk minimization strategy
  • 27. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Splunk and Reporting Examples
  • 28. © 2017 SPLUNK INC.© 2017 SPLUNK INC. How can Splunk help? ALL DATA IS SECURITY RELEVANT Security & Compliance Reporting Real-time Monitoring of Known Threats Detecting Unknown Threats Fraud Detection Insider Threat Incident Investigations & Forensics
  • 29. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Solution: Splunk, the Engine for Machine Data Custom dashboards Report and analyze Monitor and alert Developer Platform Ad hoc search References – Coded fields, mappings, aliases Dynamic information – Stored in non-traditional formats Environmental context – Human maintained files, documents System/application – Available only using application request Intelligence/analytics – Indicators, anomaly, research, white/blacklist Real-Time Machine Data On-Premises Private Cloud Public Cloud Storage Online Shopping Cart Telecoms Desktops Security Web Services Networks Containers Web Clickstreams RFID Smartphones and Devices Servers Messaging GPS Location Packaged Applications Custom Applications Online Services DatabasesCall Detail Records Energy Meters Firewall Intrusion Prevention
  • 30. © 2017 SPLUNK INC.© 2017 SPLUNK INC. 200+ APPS The Splunk Platform for Security Intelligence Splunk Enterprise (CORE) Stream data Cisco Security Suite Windows/ AD/ Exchange Palo Alto Network s FireEy e Bit9 DShiel d DNS OSSEC Splunk UBASplunk for Security
  • 31. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Thousands of Global Compliance Customers
  • 32. © 2017 SPLUNK INC.© 2017 SPLUNK INC. ▶ Who is accessing which information? Data Governance & Insight Application Insights 360
  • 33. © 2017 SPLUNK INC.© 2017 SPLUNK INC. ▶ Assigned roles and privileges Data Governance & Insight User Roles Overview
  • 34. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Prove GDPR security controls are enforced Splunk helps to detect, prevent and investigate breaches Search and report on personal data processing What GDPR use cases does Splunk help solve? Breach Investigation Notification: 72 Hours
  • 35. © 2017 SPLUNK INC.© 2017 SPLUNK INC. ▶ Next 7 Days • Identify GDPR systems and applications in scope • Find a lawyer within your organization and sync up with them to find out about their requirements. ▶ Next 30 Days • Review the current capabilities you have in place • Think about how GDPR impacts the IT processes and systems you have already • Review how the GDPR requirements can be incorporated into other compliance mandates you have to comply with • Reach out to us for a GDPR Workshop Next Steps
  • 36. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Thank you
  • 37. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Backup Slides
  • 38. © 2017 SPLUNK INC.© 2017 SPLUNK INC. How much control do you have over the information you provide online? To what extent do you trust authorities and private organizations to protect your data? Key GDPR Drivers: Data Protection & Privacy The Eurobarometer survey – June 2015
  • 39. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Personal Data (PD) • Data unique to an individual; • Obvious identifiers → National Identifier, Passport No., Driver’s License; email address (including work address) • Less obvious identifiers → Cookies/beacons, IP address, MAC address when connected to a person Sensitive Data • Ethnicity, gender orientation, race, religion, sex, health, criminal history, etc. Data….what data are we talking about?
  • 40. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Thank You