Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
Download as PPTX, PDF2 likes398 views
This document discusses the EU General Data Protection Regulation (GDPR) and how Splunk can help organizations comply with it. It provides an overview of key GDPR requirements such as fines, data breach notification timelines, and mandatory privacy impact assessments. It then describes a hypothetical scenario where an organization experiences a data breach and must quickly investigate and respond to meet GDPR obligations. Finally, it outlines several Splunk resources that can help organizations use machine data to support GDPR requirements like breach investigation, security monitoring, and personal data processing.
Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO
- 1. © 2017 SPLUNK INC. Splunk und die EU-DSGVO Matthias Maier | Director Product Marketing EMEA NOVEMBER 15 | FRANKFURT
- 2. © 2017 SPLUNK INC. During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved. Forward-Looking Statements
- 3. © 2017 SPLUNK INC. GDPR Timelines ▶ The regulation is binding across all EU members states January, 2012 Commissioner Proposed reform to Data Protection regulation May, 2018 Effective Data Protection Framework comes into force (25th May, 2018) April, 2016 EU Council adopted new regulation December, 2015 EU agreement on regulation
- 4. © 2017 SPLUNK INC. Key Features of GDPR/DSGVO Applicable to any company doing business in the European Union European Data Protection Harmonization Fines up to €20m or 4% of turnover Mandatory Privacy Impact Assessments Privacy by Design & Default 72 Hour Breach Notification Mandatory Data Erasure & Portability Consent for Personal Data Profiling
- 5. © 2017 SPLUNK INC. Ein Datendiebstahl unter der neuen EU- DSGVO
- 6. © 2017 SPLUNK INC. What if tomorrow is
- 7. © 2017 SPLUNK INC. What if you’re responsible for Security?
- 8. © 2017 SPLUNK INC. You wake up in the morning and you even haven’t had your coffee
- 9. © 2017 SPLUNK INC. Your friendly Data Privacy Officer is on the phone
- 10. © 2017 SPLUNK INC. Someone claims to sell PI data you hold
- 11. © 2017 SPLUNK INC. There is data in the deep web It may be your data!
- 12. © 2017 SPLUNK INC. He hangs up! What’s next?
- 13. © 2017 SPLUNK INC. Your incident investigation plan kicks in
- 14. © 2017 SPLUNK INC. DPO IT PR/Media Team Legal (CEO) Coordination
- 15. © 2017 SPLUNK INC. Emergency call Emergency chatroom
- 16. © 2017 SPLUNK INC. The fire alarm button is pulled down
- 17. © 2017 SPLUNK INC. T- 72h
- 18. © 2017 SPLUNK INC. Internal Leak External Leak Incident commander T- 70h
- 19. © 2017 SPLUNK INC. “We need to investigate!!!” Reaching out to your security operations team T- 65h
- 20. © 2017 SPLUNK INC. People and Processes T- 60h
- 21. © 2017 SPLUNK INC. Where is that data stored in your environment? T- 55h
- 22. © 2017 SPLUNK INC. First Action Is data still leaking? T- 45h
- 23. © 2017 SPLUNK INC. How will you watch them? T- 40h
- 24. © 2017 SPLUNK INC. Nice, structured, tidy data T- 39h
- 25. © 2017 SPLUNK INC. Diving deep into the digital infrastructure T- 35h
- 26. © 2017 SPLUNK INC. time series, in motion, unstructured Machine data 26 T- 34h
- 27. © 2017 SPLUNK INC. It can be big data… T- 33h
- 28. © 2017 SPLUNK INC. … it is lazy T- 32h
- 29. © 2017 SPLUNK INC. … and it is hard to understand… T- 30h
- 30. © 2017 SPLUNK INC. Take response actions to stop data leakage T- 20h
- 31. © 2017 SPLUNK INC. Understand T- 15h
- 32. © 2017 SPLUNK INC. How much data will be needed for this?
- 33. © 2017 SPLUNK INC. Who processed your information? T- 10h
- 34. © 2017 SPLUNK INC. Which user or systems was involved? T- 8h
- 35. © 2017 SPLUNK INC. You know what you know You know what you don’t know Painting the picture T- 5h
- 36. © 2017 SPLUNK INC. Maybe resulting in a non event? Puts the breach data subjects at risk?
- 37. © 2017 SPLUNK INC. Do individuals need to be informed additionally? How sensitive was the data?
- 38. © 2017 SPLUNK INC. before chatter explodes • Inform Authority • Inform affected Individuals • (Inform Public) As an organization you want to control the story T- 0h
- 39. © 2017 SPLUNK INC. Worst Practice: German Bundestag "The Trojans are still active," confirmed SPIEGEL ONLINE. According to data from several sources familiar with the case, Bundestag data from the ”Parliament" network continue to flow in an unknown direction.
- 40. © 2017 SPLUNK INC. Best Practice: ABTA Breach
- 41. © 2017 SPLUNK INC. Best Practice: ABTA Breach
- 42. © 2017 SPLUNK INC.
- 43. © 2017 SPLUNK INC. 2+ weeks later out of the news Example ABTA Breach 43
- 44. © 2017 SPLUNK INC.
- 45. © 2017 SPLUNK INC. Someone knocks on your door T+ 1 Week
- 46. © 2017 SPLUNK INC. Have you deployed “countermeasures appropriate to the risk”? Have you used “state of the art” best practices? Data Privacy Audits T+ 1 Week
- 47. © 2017 SPLUNK INC. Massive Fines T+ 1 Week
- 48. © 2017 SPLUNK INC. What did you know? When did you know? How did you know about it? Prove T+ 2 Weeks
- 49. © 2017 SPLUNK INC. Logs become your digital fingerprints
- 50. © 2017 SPLUNK INC. Why Splunk? Splunk can help
- 51. © 2017 SPLUNK INC. Prove GDPR security controls are enforced Splunk helps to detect, prevent and investigate breaches Search and report on personal data processing What GDPR use cases does Splunk help solve? Breach Investigation Notification: 72 Hours
- 52. © 2017 SPLUNK INC. Three Use Cases that bring different person’s on the same level and speak the same language, each: ▶ Real World Scenario (IT-Manager) ▶ Relevant GDPR Articles and what they mean (Data Privacy Officer) ▶ How machine data helps with (Splunk Champion) Whitepaper: How machine data helps with GDPR https://www.splunk.com/en_us/form/white-paper-how-machine-data-supports-gdpr-compliance.html https://www.splunk.com/de_de/form/wie-maschinendaten-die-eu-dsgvo.html https://www.splunk.com/fr_fr/form/les-donnees-machine-facilitent-la-conformite-au-rgpd.html
- 53. © 2017 SPLUNK INC. Splunk Support for the GDPR Journey How to use Machine Data for GDPR Whitepaper outlining how machine data can support GDPR Splunk Data Obfuscation How to protect data using anonymisation, pseudonymisation & encryption in Splunk .conf Session – Angelo Brancato and Dirk Nitschke Splunk GDPR Support GDPR Workshop Map analytics capabilities to GDPR security monitoring & reporting needs How to handle log data in your SIEM under GDPR FAQ’s answered from Freddy Dezeure, Former Head of. CERT-EU .conf Session
- 54. © 2017 SPLUNK INC.© 2017 SPLUNK INC. NOVEMBER 15 | FRANKFURT