SlideShare ist ein Scribd-Unternehmen logo

A Day in the Life of a GDPR Breach

Splunk
Splunk

You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organization has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next? Join this session to learn about the impact of GDPR and go through a breach investigation and response scenario as it would be after GDPR comes into effect in May 2018. You’ll hear from Splunk’s Data Privacy Officer Elizabeth Davies and Splunk’s Security Ninja Matthias Maier. What you will learn: - What breach response will look like under the GDPR - What tools and processes a data privacy officer will rely on in case of a breach - What departments and entities will be involved beyond IT - What activities are currently happening within organizations to prepare for the GDPR - What the consequences of the breach could be Watch the webinar: http://explore.splunk.com/GDPR_Webinar_EN

Technologie
1 von 74
© 2017 SPLUNK INC.© 2017 SPLUNK INC. A day in the life of a GDPR breach The General Data Protection Regulation of the European Union Elizabeth Davies | Director Risk Management and Data Protection, Data Protection Officer (DPO), Splunk Matthias Maier | Director Security Product Marketing EMEA September 2017 Name Title
© 2017 SPLUNK INC. Elizabeth Davies Matthias Maier ▶ Director Risk Management and Data Protection, Data Protection Officer (DPO) ▶ Director Security Product Marketing EMEA Your hosts of today From Splunk
© 2017 SPLUNK INC. Legal Disclaimer 3 The information in this presentation was compiled from sources believed to be reliable for informational and discussion purposes only. The information contained herein is not intended to constitute legal advice. You should consult with your own legal teams when developing programs and policies. You should not take, or refrain from taking, action based on its content. We do not guarantee the accuracy of this information and assume no liability in connection with therewith.
© 2017 SPLUNK INC. What’s the GDPR What activities are happening within organizations to prepare for What tools and processes a DPO relies on How a day in the life of a GDPR breach can look like Why Splunk What you will learn
© 2017 SPLUNK INC. Has your organization already started to prepare for the GDPR?
© 2017 SPLUNK INC. DPO’s View
© 2017 SPLUNK INC. An Outsider’s Perspective On GDPR Why GDPR Is So Important to US Security First Mindset Agenda GDPR: Quick Overview
© 2017 SPLUNK INC. Individual Rights (Right of Access, Rectification, Erasure, Portability, Restriction) (Arts. 15-20) Record of Processing Activities (Data Mapping and DPIA—Art. 30/35) Breach Notification (Art. 33-34) Secure Processing (Art. 32) GDPR GDPR: General Data Protection Regulation Highlights of Key Areas
© 2017 SPLUNK INC. Your Vendors (Processors) Must Report Events to Your Business Your Business (Controllers) Must Report to the Authorities (DPAs) You Business May Also Need to Report to the Individual Affected GDPR: Breach Notification Across EU A harmonized/tiered reporting obligation, but with tight response times (72 hours) Reporting Obligations: Your Business, Authorities and Affected Individuals
© 2017 SPLUNK INC. Your Vendor Notifies Your Business Your Business Notifies the DPA Your Business Notifies the Individual Affected When Do You Need to Report? Without “Undue Delay” and Often within 72 hours Without undue delay after becoming aware of breach Not later than 72 hours after becoming aware of breach if likely to result in risk to rights and freedoms Without undue delay if likely to result in high risk to rights and freedoms
© 2017 SPLUNK INC. ▶ Nature of the breach, including category/number of affected individuals and categories/number of personal data records concerned ▶ Contact info—if you have a DPO theirs are required ▶ Likely consequences of breach ▶ Measures taken to mitigate breach What Do You Need to Report? At a minimum, the following:
© 2017 SPLUNK INC. Detection + Escalation (Global: $0.99M) Notification (Global: $0.19M) Post-Breach Response (Global: $0.93M) Lost Business (Global: $1.51M) Costs of Data Breaches (Global Average Costs Per Breach) Source: Ponemon Inst. 2017 Cost of Data Breach Study – United States and 2017 Cost of Data Breach Study - Global Average total cost of data breach Global: $3.62M $
© 2017 SPLUNK INC. You will need log file reporting tools to help you determine: • If you have a breach—unauthorized access, disclosure, leak of information • If the breach is consequential enough to report—what kind of information was exposed, for how long, how many affected, was it anonymized/encrypted, etc. • What steps you will need to take to mitigate—take systems or users off line, shunt access, create sink holes, etc. So What Can You Do to Prepare? Some essential tools will help
© 2017 SPLUNK INC. ▶ At Splunk, our employees are our canaries in the coal mine ▶ You can’t notify customers, DPAs, or consumers, if you don’t know there is a problem ▶ No DPO/CPO/CISO/CIO can be everywhere, all the time ▶ Loss, destruction, leakage, unauthorized access—they can happen anywhere, not simply at your firewall ▶ You need everyone to play their part You Will Also Need Training It takes a village (Security/IT/Legal/Customer Relations/Marketing/HR)
© 2017 SPLUNK INC. • Eliminate duplication, streamline and enhance baseline education for all • Supplemental training where needed Enhanced Privacy/Security Training • Enhance first responder base when needed • Develop org-wide “muscle memory" Volunteer Firefighting • Enhance messaging campaign globally about who, when and where to report security/privacy events • Make this know-how second nature Revised IR Plan Enhanced Messaging At Splunk, We Are Focusing On Three Key Areas All designed to get us ready for May 2018
© 2017 SPLUNK INC. 1. Security and Privacy are team sports—rally your team (Security/IT/Legal/HR/Marketing/Customer Relations) 2. Training and IR Plan updates can be done easily and quickly—an ounce of prevention is worth a pound of cure 3. Don’t get overwhelmed, it won’t help 4. Put together a workable—not a perfect—plan and get going 5. Start with the easy stuff first—build team confidence Don’t let perfection be the enemy of the good—GDPR is here to stay—plenty of time ahead to improve Key Takeaways
© 2017 SPLUNK INC. Helen Keller “Life is either a great adventure or nothing.”
© 2017 SPLUNK INC. Has your organization identified which processes and technologies are required to adjust for the GDPR?
© 2017 SPLUNK INC. A day in the life of a GDPR Breach
© 2017 SPLUNK INC. What if tomorrow is
© 2017 SPLUNK INC. What if you’re responsible for Security?
© 2017 SPLUNK INC. You wake up in the morning and you even haven’t had your coffee
© 2017 SPLUNK INC. Your friendly Data Privacy Officer is on the phone
© 2017 SPLUNK INC. Someone claims to sell PI data you hold
© 2017 SPLUNK INC. How does the DPO know? Your threat Intelligence provider informed you and provided you samples
© 2017 SPLUNK INC. There is data in the deep web It may be your data!
© 2017 SPLUNK INC. He hangs up! What’s next?
© 2017 SPLUNK INC. Your incident investigation plan kicks in
© 2017 SPLUNK INC. Does your organization have an incident investigation process defined and in place in case you’re breached?
© 2017 SPLUNK INC. DPO IT PR/Media Team Legal (CEO) Coordination
© 2017 SPLUNK INC. Emergency call Emergency chatroom
© 2017 SPLUNK INC. The fire alarm button is pulled down
© 2017 SPLUNK INC. T- 72h
© 2017 SPLUNK INC. Internal Leak External Leak Incident commander T- 70h
© 2017 SPLUNK INC. “We need to investigate!!!” Reaching out to your security operations team T- 65h
© 2017 SPLUNK INC. People and Processes T- 60h
© 2017 SPLUNK INC. Where is that data stored in your environment? T- 55h
© 2017 SPLUNK INC. First Action Is data still leaking? T- 45h
© 2017 SPLUNK INC. How will you watch them? T- 40h
© 2017 SPLUNK INC. Nice, structured, tidy data T- 39h
© 2017 SPLUNK INC. Diving deep into the digital infrastructure T- 35h
© 2017 SPLUNK INC. time series, in motion, unstructured Machine data 42 T- 34h
© 2017 SPLUNK INC. It can be big data… T- 33h
© 2017 SPLUNK INC. … it is lazy T- 32h
© 2017 SPLUNK INC. … and it is hard to understand… T- 30h
© 2017 SPLUNK INC. Worst Case External authorities might come in to your organization and say: “Don’t stop it” T- 25h
© 2017 SPLUNK INC. Take response actions to stop data leakage T- 20h
© 2017 SPLUNK INC. Understand T- 15h
© 2017 SPLUNK INC. How much data will be needed for this?
© 2017 SPLUNK INC. Who processed your information? T- 10h
© 2017 SPLUNK INC. Which user or systems was involved? T- 8h
© 2017 SPLUNK INC. You know what you know You know what you don’t know Painting the picture T- 5h
© 2017 SPLUNK INC. Does your organization collect the machine data to analyse with your SIEM from all applications and systems that are processing personal information?
© 2017 SPLUNK INC. Maybe resulting in a non event? Puts the breach data subjects at risk?
© 2017 SPLUNK INC. Do individuals need to be informed additionally? How sensitive was the data?
© 2017 SPLUNK INC. before chatter explodes • Inform Authority • Inform affected Individuals • (Inform Public) As an organization you want to control the story T- 0h
© 2017 SPLUNK INC. Worst Practice: German Bundestag "The Trojans are still active," confirmed SPIEGEL ONLINE. According to data from several sources familiar with the case, Bundestag data from the ”Parliament" network continue to flow in an unknown direction.
© 2017 SPLUNK INC. Best Practice: ABTA Breach
© 2017 SPLUNK INC. Best Practice: ABTA Breach
© 2017 SPLUNK INC.
© 2017 SPLUNK INC. 2+ weeks later out of the news Example ABTA Breach
© 2017 SPLUNK INC.
© 2017 SPLUNK INC. Someone knocks on your door T+ 1 Week
© 2017 SPLUNK INC. Have you deployed “countermeasures appropriate to the risk”? Have you used “state of the art” best practices? Data Privacy Audits T+ 1 Week
© 2017 SPLUNK INC. Massive Fines T+ 1 Week
© 2017 SPLUNK INC. What did you know? When did you know? How did you know about it? Prove T+ 2 Weeks
© 2017 SPLUNK INC. Logs become your digital fingerprints
© 2017 SPLUNK INC. Why Splunk? Splunk can help
© 2017 SPLUNK INC. Prove GDPR security controls are enforced Splunk helps to detect, prevent and investigate breaches Search and report on personal data processing What GDPR use cases does Splunk help solve? Breach Investigation Notification: 72 Hours
© 2017 SPLUNK INC. Three Use Cases that bring different person’s on the same level and speak the same language, each: ▶ Real World Scenario (IT-Manager) ▶ Relevant GDPR Articles and what they mean (Data Privacy Officer) ▶ How machine data helps with (Splunk Champion) Whitepaper: How machine data helps with GDPR https://www.splunk.com/en_us/form/white-paper-how-machine-data-supports-gdpr-compliance.html https://www.splunk.com/de_de/form/wie-maschinendaten-die-eu-dsgvo.html https://www.splunk.com/fr_fr/form/les-donnees-machine-facilitent-la-conformite-au-rgpd.html
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Industry Leading Platform For Machine Data Custom dashboards Report and analyze Monitor and alert Developer Platform Ad hoc searchOn-Premises Private Cloud Public Cloud Storage Online Shopping Cart Telecoms Desktops Security Web Services Networks Containers Web Clickstreams RFID Smartphones and Devices Servers Messaging GPS Location Packaged Applications Custom Applications Online Services DatabasesCall Detail Records Energy MetersFirewall Intrusion Prevention Platform Support (Apps / API / SDKs) Enterprise Scalability Universal Indexing Machine Data: Any Location, Type, Volume Answer Any Question
© 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Industry Leading Platform For Machine Data Custom dashboards Report and analyze Monitor and alert Developer Platform Ad hoc searchOn-Premises Private Cloud Public Cloud Storage Online Shopping Cart Telecoms Desktops Security Web Services Networks Containers Web Clickstreams RFID Smartphones and Devices Servers Messaging GPS Location Packaged Applications Custom Applications Online Services DatabasesCall Detail Records Energy MetersFirewall Intrusion Prevention Platform Support (Apps / API / SDKs) Enterprise Scalability Universal Indexing Machine Data: Any Location, Type, Volume Answer Any Question Any Amount, Any Location, Any Source Schema on-the-fly Universal indexing No back-end RDBMS No need to filter data
© 2017 SPLUNK INC. Download our Whitepaper “How machine supports GDPR compliance” ▶ https://www.splunk.com/en_us/form/whit e-paper-how-machine-data-supports- gdpr-compliance.html Ask for a Workshop ▶ GDPR Article Mapping ▶ Data Obfuscation Explore Splunk Hands on ▶ Cloud | Sandbox | On Prem ▶ www.splunk.com/ Machine data plays a critical role under the upcoming EU-GDPR and Splunk's universal machine data platform allows organizations to quickly ask any question they have.
© 2017 SPLUNK INC.© 2017 SPLUNK INC. Thank You for attending ▶ Fill out our Survey Monkey to rate the webinar and give us feedback ▶ Questions

Empfohlen

A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany Splunk
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France Splunk
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk
 
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with SplunkReactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with SplunkSplunk
 
Build a Security Portfolio That Strengthens Your Security Posture
Build a Security Portfolio That Strengthens Your Security PostureBuild a Security Portfolio That Strengthens Your Security Posture
Build a Security Portfolio That Strengthens Your Security PostureSplunk
 

Empfohlen

A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany A Day in the Life of a GDPR Breach - September 2017: Germany
A Day in the Life of a GDPR Breach - September 2017: Germany Splunk
 
A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France A Day in the Life of a GDPR Breach - September 2017: France
A Day in the Life of a GDPR Breach - September 2017: France Splunk
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT1Splunk
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVOSplunk
 
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with SplunkReactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk
Reactive to Proactive: Intelligent Troubleshooting and Monitoring with SplunkSplunk
 
Build a Security Portfolio That Strengthens Your Security Posture
Build a Security Portfolio That Strengthens Your Security PostureBuild a Security Portfolio That Strengthens Your Security Posture
Build a Security Portfolio That Strengthens Your Security PostureSplunk
 
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware EditionSplunk
 
Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17Splunk
 
Threat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise SecurityThreat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise SecuritySatnam Singh
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...Splunk
 
Splunk workshop-Threat Hunting
Splunk workshop-Threat HuntingSplunk workshop-Threat Hunting
Splunk workshop-Threat HuntingSplunk
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarSplunk
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallSplunk
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Splunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk
 
Splunk Threat Hunting Workshop
Splunk Threat Hunting WorkshopSplunk Threat Hunting Workshop
Splunk Threat Hunting WorkshopSplunk
 
Splunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
 
Analytics Driven SIEM Workshop
Analytics Driven SIEM WorkshopAnalytics Driven SIEM Workshop
Analytics Driven SIEM WorkshopSplunk
 
Threat Hunting Workshop
Threat Hunting WorkshopThreat Hunting Workshop
Threat Hunting WorkshopSplunk
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior AnalyticsSplunk
 
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOARPartner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOARSplunk
 
Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementSplunk
 
Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018YoungCho50
 
Splunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops SessionSplunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops SessionSplunk
 
Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017Splunk
 

Weitere ähnliche Inhalte

Was ist angesagt?

.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware EditionSplunk
 
Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17Splunk
 
Threat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise SecurityThreat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise SecuritySatnam Singh
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...Splunk
 
Splunk workshop-Threat Hunting
Splunk workshop-Threat HuntingSplunk workshop-Threat Hunting
Splunk workshop-Threat HuntingSplunk
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarSplunk
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallSplunk
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Splunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk
 
Splunk Threat Hunting Workshop
Splunk Threat Hunting WorkshopSplunk Threat Hunting Workshop
Splunk Threat Hunting WorkshopSplunk
 
Splunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
 
Analytics Driven SIEM Workshop
Analytics Driven SIEM WorkshopAnalytics Driven SIEM Workshop
Analytics Driven SIEM WorkshopSplunk
 
Threat Hunting Workshop
Threat Hunting WorkshopThreat Hunting Workshop
Threat Hunting WorkshopSplunk
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior AnalyticsSplunk
 
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOARPartner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOARSplunk
 
Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementSplunk
 
Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018YoungCho50
 

Was ist angesagt? (20)

.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
.conf2016: Splunking the Endpoint: “Hands on!” Ransomware Edition
 
Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17Splunk Discovery Day Milwaukee 9-14-17
Splunk Discovery Day Milwaukee 9-14-17
 
Threat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise SecurityThreat Hunting with Deceptive Defense and Splunk Enterprise Security
Threat Hunting with Deceptive Defense and Splunk Enterprise Security
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
 
Splunk workshop-Threat Hunting
Splunk workshop-Threat HuntingSplunk workshop-Threat Hunting
Splunk workshop-Threat Hunting
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
 
Splunk Threat Hunting Workshop
Splunk Threat Hunting WorkshopSplunk Threat Hunting Workshop
Splunk Threat Hunting Workshop
 
Splunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security Keynote
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
 
Analytics Driven SIEM Workshop
Analytics Driven SIEM WorkshopAnalytics Driven SIEM Workshop
Analytics Driven SIEM Workshop
 
Threat Hunting Workshop
Threat Hunting WorkshopThreat Hunting Workshop
Threat Hunting Workshop
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
 
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOARPartner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR
 
Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017Splunk ITOA Roundtable - Zurich: 30th November 2017
Splunk ITOA Roundtable - Zurich: 30th November 2017
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability Management
 
Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018Security investigation hands-on workshop 2018
Security investigation hands-on workshop 2018
 

Andere mochten auch

Splunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops SessionSplunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops SessionSplunk
 
Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017Splunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 UpdateSplunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 UpdateSplunk
 
Rage WITH the machine, not against it: Machine learning for Event Management
Rage WITH the machine, not against it: Machine learning for Event ManagementRage WITH the machine, not against it: Machine learning for Event Management
Rage WITH the machine, not against it: Machine learning for Event ManagementSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event ManagementSplunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event ManagementSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting
Splunk Forum Frankfurt - 15th Nov 2017 - Threat HuntingSplunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting
Splunk Forum Frankfurt - 15th Nov 2017 - Threat HuntingSplunk
 

Andere mochten auch (6)

Splunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops SessionSplunk Discovery Dusseldorf: September 2017 - IT Ops Session
Splunk Discovery Dusseldorf: September 2017 - IT Ops Session
 
Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017Splunk Discovery Indianapolis - October 10, 2017
Splunk Discovery Indianapolis - October 10, 2017
 
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 UpdateSplunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update
Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update
 
Rage WITH the machine, not against it: Machine learning for Event Management
Rage WITH the machine, not against it: Machine learning for Event ManagementRage WITH the machine, not against it: Machine learning for Event Management
Rage WITH the machine, not against it: Machine learning for Event Management
 
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event ManagementSplunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
Splunk Forum Frankfurt - 15th Nov 2017 - Machine Learning For Event Management
 
Splunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting
Splunk Forum Frankfurt - 15th Nov 2017 - Threat HuntingSplunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting
Splunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting
 

Ähnlich wie A Day in the Life of a GDPR Breach

Splunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR ComplianceSplunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR ComplianceMarketingArrowECS_CZ
 
Learn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsLearn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsSplunk
 
SplunkLive! Paris 2017: Plenary Session - Splunk Overview
SplunkLive! Paris 2017: Plenary Session - Splunk OverviewSplunkLive! Paris 2017: Plenary Session - Splunk Overview
SplunkLive! Paris 2017: Plenary Session - Splunk OverviewSplunk
 
Machine Learning für Event Management
Machine Learning für Event ManagementMachine Learning für Event Management
Machine Learning für Event ManagementSplunk
 
The effects of the GDPR
The effects of the GDPRThe effects of the GDPR
The effects of the GDPRiText Group nv
 
ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]TrustArc
 
EU GDPR- The Countdown to Compliance, Research Study Highlights
EU GDPR- The Countdown to Compliance, Research Study Highlights EU GDPR- The Countdown to Compliance, Research Study Highlights
EU GDPR- The Countdown to Compliance, Research Study Highlights Blancco
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...Splunk
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec
 
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...AIIM International
 
What Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityWhat Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityReading Works Detroit
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
How security analytics helps UCAS protect 700,000 student applications
How security analytics helps UCAS protect 700,000 student applicationsHow security analytics helps UCAS protect 700,000 student applications
How security analytics helps UCAS protect 700,000 student applicationsSplunk
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsForcepoint LLC
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...TrustArc
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir
 

Ähnlich wie A Day in the Life of a GDPR Breach (20)

What you will take away from this session
What you will take away from this sessionWhat you will take away from this session
What you will take away from this session
 
Splunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR ComplianceSplunk: How Machine Data Supports GDPR Compliance
Splunk: How Machine Data Supports GDPR Compliance
 
Learn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsLearn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security Operations
 
SplunkLive! Paris 2017: Plenary Session - Splunk Overview
SplunkLive! Paris 2017: Plenary Session - Splunk OverviewSplunkLive! Paris 2017: Plenary Session - Splunk Overview
SplunkLive! Paris 2017: Plenary Session - Splunk Overview
 
Machine Learning für Event Management
Machine Learning für Event ManagementMachine Learning für Event Management
Machine Learning für Event Management
 
The effects of the GDPR
The effects of the GDPRThe effects of the GDPR
The effects of the GDPR
 
ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]
 
EU GDPR- The Countdown to Compliance, Research Study Highlights
EU GDPR- The Countdown to Compliance, Research Study Highlights EU GDPR- The Countdown to Compliance, Research Study Highlights
EU GDPR- The Countdown to Compliance, Research Study Highlights
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
 
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR ReadinessSymantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
Symantec Webinar Part 1 of 6 The Four Stages of GDPR Readiness
 
Ritz 4th-july-gdpr
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
 
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...
[Webinar Slides] Data Privacy Solving Negligence, Bad Practices, Access Contr...
 
What Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in CybersecurityWhat Small Business Can Do To Protect Themselves Now in Cybersecurity
What Small Business Can Do To Protect Themselves Now in Cybersecurity
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_Kukreja
 
GDPR: Where should you be right now? - Dennis Slattery, EDM Works
GDPR: Where should you be right now? - Dennis Slattery, EDM WorksGDPR: Where should you be right now? - Dennis Slattery, EDM Works
GDPR: Where should you be right now? - Dennis Slattery, EDM Works
 
How security analytics helps UCAS protect 700,000 student applications
How security analytics helps UCAS protect 700,000 student applicationsHow security analytics helps UCAS protect 700,000 student applications
How security analytics helps UCAS protect 700,000 student applications
 
Addressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider ThreatsAddressing Future Risks and Legal Challenges of Insider Threats
Addressing Future Risks and Legal Challenges of Insider Threats
 
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
Mastering Article 30 Compliance: Conducting, Maintaining & Reporting on your ...
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
 

Mehr von Splunk

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routineSplunk
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTVSplunk
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)Splunk
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank InternationalSplunk
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett Splunk
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)Splunk
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...Splunk
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)Splunk
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)Splunk
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College LondonSplunk
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSplunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability SessionSplunk
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - KeynoteSplunk
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform SessionSplunk
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security SessionSplunk
 

Mehr von Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Kürzlich hochgeladen

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

A Day in the Life of a GDPR Breach

  • 1. © 2017 SPLUNK INC.© 2017 SPLUNK INC. A day in the life of a GDPR breach The General Data Protection Regulation of the European Union Elizabeth Davies | Director Risk Management and Data Protection, Data Protection Officer (DPO), Splunk Matthias Maier | Director Security Product Marketing EMEA September 2017 Name Title
  • 2. © 2017 SPLUNK INC. Elizabeth Davies Matthias Maier ▶ Director Risk Management and Data Protection, Data Protection Officer (DPO) ▶ Director Security Product Marketing EMEA Your hosts of today From Splunk
  • 3. © 2017 SPLUNK INC. Legal Disclaimer 3 The information in this presentation was compiled from sources believed to be reliable for informational and discussion purposes only. The information contained herein is not intended to constitute legal advice. You should consult with your own legal teams when developing programs and policies. You should not take, or refrain from taking, action based on its content. We do not guarantee the accuracy of this information and assume no liability in connection with therewith.
  • 4. © 2017 SPLUNK INC. What’s the GDPR What activities are happening within organizations to prepare for What tools and processes a DPO relies on How a day in the life of a GDPR breach can look like Why Splunk What you will learn
  • 5. © 2017 SPLUNK INC. Has your organization already started to prepare for the GDPR?
  • 6. © 2017 SPLUNK INC. DPO’s View
  • 7. © 2017 SPLUNK INC. An Outsider’s Perspective On GDPR Why GDPR Is So Important to US Security First Mindset Agenda GDPR: Quick Overview
  • 8. © 2017 SPLUNK INC. Individual Rights (Right of Access, Rectification, Erasure, Portability, Restriction) (Arts. 15-20) Record of Processing Activities (Data Mapping and DPIA—Art. 30/35) Breach Notification (Art. 33-34) Secure Processing (Art. 32) GDPR GDPR: General Data Protection Regulation Highlights of Key Areas
  • 9. © 2017 SPLUNK INC. Your Vendors (Processors) Must Report Events to Your Business Your Business (Controllers) Must Report to the Authorities (DPAs) You Business May Also Need to Report to the Individual Affected GDPR: Breach Notification Across EU A harmonized/tiered reporting obligation, but with tight response times (72 hours) Reporting Obligations: Your Business, Authorities and Affected Individuals
  • 10. © 2017 SPLUNK INC. Your Vendor Notifies Your Business Your Business Notifies the DPA Your Business Notifies the Individual Affected When Do You Need to Report? Without “Undue Delay” and Often within 72 hours Without undue delay after becoming aware of breach Not later than 72 hours after becoming aware of breach if likely to result in risk to rights and freedoms Without undue delay if likely to result in high risk to rights and freedoms
  • 11. © 2017 SPLUNK INC. ▶ Nature of the breach, including category/number of affected individuals and categories/number of personal data records concerned ▶ Contact info—if you have a DPO theirs are required ▶ Likely consequences of breach ▶ Measures taken to mitigate breach What Do You Need to Report? At a minimum, the following:
  • 12. © 2017 SPLUNK INC. Detection + Escalation (Global: $0.99M) Notification (Global: $0.19M) Post-Breach Response (Global: $0.93M) Lost Business (Global: $1.51M) Costs of Data Breaches (Global Average Costs Per Breach) Source: Ponemon Inst. 2017 Cost of Data Breach Study – United States and 2017 Cost of Data Breach Study - Global Average total cost of data breach Global: $3.62M $
  • 13. © 2017 SPLUNK INC. You will need log file reporting tools to help you determine: • If you have a breach—unauthorized access, disclosure, leak of information • If the breach is consequential enough to report—what kind of information was exposed, for how long, how many affected, was it anonymized/encrypted, etc. • What steps you will need to take to mitigate—take systems or users off line, shunt access, create sink holes, etc. So What Can You Do to Prepare? Some essential tools will help
  • 14. © 2017 SPLUNK INC. ▶ At Splunk, our employees are our canaries in the coal mine ▶ You can’t notify customers, DPAs, or consumers, if you don’t know there is a problem ▶ No DPO/CPO/CISO/CIO can be everywhere, all the time ▶ Loss, destruction, leakage, unauthorized access—they can happen anywhere, not simply at your firewall ▶ You need everyone to play their part You Will Also Need Training It takes a village (Security/IT/Legal/Customer Relations/Marketing/HR)
  • 15. © 2017 SPLUNK INC. • Eliminate duplication, streamline and enhance baseline education for all • Supplemental training where needed Enhanced Privacy/Security Training • Enhance first responder base when needed • Develop org-wide “muscle memory" Volunteer Firefighting • Enhance messaging campaign globally about who, when and where to report security/privacy events • Make this know-how second nature Revised IR Plan Enhanced Messaging At Splunk, We Are Focusing On Three Key Areas All designed to get us ready for May 2018
  • 16. © 2017 SPLUNK INC. 1. Security and Privacy are team sports—rally your team (Security/IT/Legal/HR/Marketing/Customer Relations) 2. Training and IR Plan updates can be done easily and quickly—an ounce of prevention is worth a pound of cure 3. Don’t get overwhelmed, it won’t help 4. Put together a workable—not a perfect—plan and get going 5. Start with the easy stuff first—build team confidence Don’t let perfection be the enemy of the good—GDPR is here to stay—plenty of time ahead to improve Key Takeaways
  • 17. © 2017 SPLUNK INC. Helen Keller “Life is either a great adventure or nothing.”
  • 18. © 2017 SPLUNK INC. Has your organization identified which processes and technologies are required to adjust for the GDPR?
  • 19. © 2017 SPLUNK INC. A day in the life of a GDPR Breach
  • 20. © 2017 SPLUNK INC. What if tomorrow is
  • 21. © 2017 SPLUNK INC. What if you’re responsible for Security?
  • 22. © 2017 SPLUNK INC. You wake up in the morning and you even haven’t had your coffee
  • 23. © 2017 SPLUNK INC. Your friendly Data Privacy Officer is on the phone
  • 24. © 2017 SPLUNK INC. Someone claims to sell PI data you hold
  • 25. © 2017 SPLUNK INC. How does the DPO know? Your threat Intelligence provider informed you and provided you samples
  • 26. © 2017 SPLUNK INC. There is data in the deep web It may be your data!
  • 27. © 2017 SPLUNK INC. He hangs up! What’s next?
  • 28. © 2017 SPLUNK INC. Your incident investigation plan kicks in
  • 29. © 2017 SPLUNK INC. Does your organization have an incident investigation process defined and in place in case you’re breached?
  • 30. © 2017 SPLUNK INC. DPO IT PR/Media Team Legal (CEO) Coordination
  • 31. © 2017 SPLUNK INC. Emergency call Emergency chatroom
  • 32. © 2017 SPLUNK INC. The fire alarm button is pulled down
  • 33. © 2017 SPLUNK INC. T- 72h
  • 34. © 2017 SPLUNK INC. Internal Leak External Leak Incident commander T- 70h
  • 35. © 2017 SPLUNK INC. “We need to investigate!!!” Reaching out to your security operations team T- 65h
  • 36. © 2017 SPLUNK INC. People and Processes T- 60h
  • 37. © 2017 SPLUNK INC. Where is that data stored in your environment? T- 55h
  • 38. © 2017 SPLUNK INC. First Action Is data still leaking? T- 45h
  • 39. © 2017 SPLUNK INC. How will you watch them? T- 40h
  • 40. © 2017 SPLUNK INC. Nice, structured, tidy data T- 39h
  • 41. © 2017 SPLUNK INC. Diving deep into the digital infrastructure T- 35h
  • 42. © 2017 SPLUNK INC. time series, in motion, unstructured Machine data 42 T- 34h
  • 43. © 2017 SPLUNK INC. It can be big data… T- 33h
  • 44. © 2017 SPLUNK INC. … it is lazy T- 32h
  • 45. © 2017 SPLUNK INC. … and it is hard to understand… T- 30h
  • 46. © 2017 SPLUNK INC. Worst Case External authorities might come in to your organization and say: “Don’t stop it” T- 25h
  • 47. © 2017 SPLUNK INC. Take response actions to stop data leakage T- 20h
  • 48. © 2017 SPLUNK INC. Understand T- 15h
  • 49. © 2017 SPLUNK INC. How much data will be needed for this?
  • 50. © 2017 SPLUNK INC. Who processed your information? T- 10h
  • 51. © 2017 SPLUNK INC. Which user or systems was involved? T- 8h
  • 52. © 2017 SPLUNK INC. You know what you know You know what you don’t know Painting the picture T- 5h
  • 53. © 2017 SPLUNK INC. Does your organization collect the machine data to analyse with your SIEM from all applications and systems that are processing personal information?
  • 54. © 2017 SPLUNK INC. Maybe resulting in a non event? Puts the breach data subjects at risk?
  • 55. © 2017 SPLUNK INC. Do individuals need to be informed additionally? How sensitive was the data?
  • 56. © 2017 SPLUNK INC. before chatter explodes • Inform Authority • Inform affected Individuals • (Inform Public) As an organization you want to control the story T- 0h
  • 57. © 2017 SPLUNK INC. Worst Practice: German Bundestag "The Trojans are still active," confirmed SPIEGEL ONLINE. According to data from several sources familiar with the case, Bundestag data from the ”Parliament" network continue to flow in an unknown direction.
  • 58. © 2017 SPLUNK INC. Best Practice: ABTA Breach
  • 59. © 2017 SPLUNK INC. Best Practice: ABTA Breach
  • 61. © 2017 SPLUNK INC. 2+ weeks later out of the news Example ABTA Breach
  • 63. © 2017 SPLUNK INC. Someone knocks on your door T+ 1 Week
  • 64. © 2017 SPLUNK INC. Have you deployed “countermeasures appropriate to the risk”? Have you used “state of the art” best practices? Data Privacy Audits T+ 1 Week
  • 65. © 2017 SPLUNK INC. Massive Fines T+ 1 Week
  • 66. © 2017 SPLUNK INC. What did you know? When did you know? How did you know about it? Prove T+ 2 Weeks
  • 67. © 2017 SPLUNK INC. Logs become your digital fingerprints
  • 68. © 2017 SPLUNK INC. Why Splunk? Splunk can help
  • 69. © 2017 SPLUNK INC. Prove GDPR security controls are enforced Splunk helps to detect, prevent and investigate breaches Search and report on personal data processing What GDPR use cases does Splunk help solve? Breach Investigation Notification: 72 Hours
  • 70. © 2017 SPLUNK INC. Three Use Cases that bring different person’s on the same level and speak the same language, each: ▶ Real World Scenario (IT-Manager) ▶ Relevant GDPR Articles and what they mean (Data Privacy Officer) ▶ How machine data helps with (Splunk Champion) Whitepaper: How machine data helps with GDPR https://www.splunk.com/en_us/form/white-paper-how-machine-data-supports-gdpr-compliance.html https://www.splunk.com/de_de/form/wie-maschinendaten-die-eu-dsgvo.html https://www.splunk.com/fr_fr/form/les-donnees-machine-facilitent-la-conformite-au-rgpd.html
  • 71. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Industry Leading Platform For Machine Data Custom dashboards Report and analyze Monitor and alert Developer Platform Ad hoc searchOn-Premises Private Cloud Public Cloud Storage Online Shopping Cart Telecoms Desktops Security Web Services Networks Containers Web Clickstreams RFID Smartphones and Devices Servers Messaging GPS Location Packaged Applications Custom Applications Online Services DatabasesCall Detail Records Energy MetersFirewall Intrusion Prevention Platform Support (Apps / API / SDKs) Enterprise Scalability Universal Indexing Machine Data: Any Location, Type, Volume Answer Any Question
  • 72. © 2017 SPLUNK INC.© 2017 SPLUNK INC.© 2017 SPLUNK INC. Industry Leading Platform For Machine Data Custom dashboards Report and analyze Monitor and alert Developer Platform Ad hoc searchOn-Premises Private Cloud Public Cloud Storage Online Shopping Cart Telecoms Desktops Security Web Services Networks Containers Web Clickstreams RFID Smartphones and Devices Servers Messaging GPS Location Packaged Applications Custom Applications Online Services DatabasesCall Detail Records Energy MetersFirewall Intrusion Prevention Platform Support (Apps / API / SDKs) Enterprise Scalability Universal Indexing Machine Data: Any Location, Type, Volume Answer Any Question Any Amount, Any Location, Any Source Schema on-the-fly Universal indexing No back-end RDBMS No need to filter data
  • 73. © 2017 SPLUNK INC. Download our Whitepaper “How machine supports GDPR compliance” ▶ https://www.splunk.com/en_us/form/whit e-paper-how-machine-data-supports- gdpr-compliance.html Ask for a Workshop ▶ GDPR Article Mapping ▶ Data Obfuscation Explore Splunk Hands on ▶ Cloud | Sandbox | On Prem ▶ www.splunk.com/ Machine data plays a critical role under the upcoming EU-GDPR and Splunk's universal machine data platform allows organizations to quickly ask any question they have.
  • 74. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Thank You for attending ▶ Fill out our Survey Monkey to rate the webinar and give us feedback ▶ Questions