GDPR-Regulated Data Is Lurking In Unexpected Places

A recent study showed that over 60 percent of corporate data is stored on employee endpoints. And yet, as companies work to ensure compliance with the new General Data Protection Regulation (GDPR), they still may be overlooking a few key areas. 

The GDPR globally impacts the processing of all personal data on EU residents and takes effect on May 25, 2018. 


The challenge is personal data doesn’t just live in your customer relationship management (CRM) system, it also exists in a more unstructured way on your company’s endpoints.

To protect company assets and meet GDPR compliance standards, organisations need to have a firm understanding of where personal data resides, including where it is created, used and stored. 
Failure to secure user endpoints could mean major fines as well as damage to customer relationships and brand reputation.

To secure potentially vulnerable endpoints, companies need to conduct a detailed impact assessment of their data systems. An important initial step in this assessment is defining what constitutes personal data. 

Because the definition can vary based on context and from country to country, your company should work with its legal counsel to gain clarity.

To contact the GDPR Advisory Board please visit:  www.gdpr-board.co.uk

Threatbrief

You Might Also Read: 

Your Questions Answered By The GDPR Advisory Board:

GDPR For Dummies:

 

« Russian Spies Hacked The Korean Olympics
UK Cyber Attacks Will ‘Get Worse’ Post-Brexit »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

SITA

SITA

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry including vulnerability assessments and managed security services.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

WebSec

WebSec

WebSec is a cybersecurity firm based in Amsterdam (NL) and Wyoming (US), specializing in offensive security services including penetration testing, red teaming, and tailored security assessments.

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) - Singapore

Security & Intelligence Division (SID) protects Singapore from external threats and safeguards its interests in areas related to terrorism, cyber security, other transnational threats, and geopolitics

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

Lancera

Lancera

Lancera provides growth accelerating Software Development, Web Presence and Cybersecurity Solutions with a focus on customer happiness.

Nomios

Nomios

Nomios develops innovative solutions for your security and network challenges. We design, secure and manage your digital infrastructure.

SLVA Cybersecurity

SLVA Cybersecurity

SLVA Cybersecurity excel at delivering security-as-a-service, fit-for-purpose, within the constraints of realistic budgets and business expectations.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.

Verosint

Verosint

Verosint (formerly 443ID) provides real-time account fraud prevention that reveals fraudsters hiding in user accounts and proactively blocks them before their attacks can cause harm.

Ryan Financial Lines

Ryan Financial Lines

Ryan Financial Lines Cyber provides risk transfer solutions for complex cyber and technology exposures, globally.

X-PHY

X-PHY

X-PHY is a pioneering cybersecurity company dedicated to hardware-based cybersecurity solutions that protect data at its core.