Strengthen Your SIEM And Be Ready For The GDPR

While many organisations have been preparing for the GDPR for months, some may only just be starting now. Others may even plan to wait and see what happens after 25th May, observing reference cases and the level of predicted fines in practice. Whatever your company’s position is, I want to share two different views that should be urgently considered if you own a SIEM solution.

How your SIEM solution supports the GDPR compliance program of your organisation

Your SIEM plays an important role in fulfilling many of the GDPR's requirements. For example, Article 32 requires your organisation to assess and evaluate the effectiveness of technical and organisational measures, ensuring the security of data processing. In addition, Article 33 brings the need for better scoping of incidents: identifying whether an incident led to a breach, how sensitive the disclosed data is, and what needs to be reported. However, there are also less obvious articles under the GDPR where your SIEM is the best solution to help you (e.g. Articles 6, 15-18, 21, 22, 28, 58 and 82).

Often it’s a challenge to translate the non-technical legal requirements into actionable items. To help with this, we have created the below materials. Within each is an interpretation of the law, what it means for an organisation's business, and what you should do about it:


Don't break GDPR compliance with your SIEM

Whatever SIEM solution you operate, it is highly likely that personal information such as phone numbers, email addresses, cookies, RFIDs, geolocation and more is captured in the log data. If it can identify an individual in combination with other data, you must ensure that you’re not in breach of the GDPR. To give guidance on this, we have conducted a detailed analysis of how you should treat your SIEM solution and log data under the GDPR. We invited Freddy Dezeure, former head of CERT-EU, to provide advice on how to operate your SIEM in compliance with the GDPR:


It’s important to get yourself and your SIEM solution ready, as the journey won’t end when the GDPR comes into effect. There’s a lot that we will all learn in the lead-up to 25th May, and probably more so beyond.

Best

Matthias
