5 Ways GDPR Will Change the Way We Do Business

May 10, 2018
By Jannine Mahone

Do you recall one of the largest breaches of personal data in 2017?

March 2017, Dun and Bradstreet: 33.6 million files.¹ This data contained names, email addresses and telephone numbers. Although this is information that Dun and Bradstreet notes would “typically be found on a business card,” this data is included under the European Union General Data Protection Regulation (GDPR) definition of personal data.

According to the GDPR principles set out in Article 5, personal data must be: ²
(a) Processed lawfully, fairly and in a transparent manner
(b) Collected for specified, explicit and legitimate purposes
(c) Limited to what is necessary in relation to the purpose for which it is processed
(d) Accurate, relevant and kept up to date
(e) Kept and stored for no longer than necessary for the purpose it was processed and in accordance with appropriate technical and organizational measures
(f) Processed in a manner that ensures appropriate security that protects against unauthorized or unlawful processing, loss, destruction or damage

Companies need to consider two key factors: accountability and compliance. Under GDPR, companies will be more accountable for their handling of personal information. Key changes many companies will need to make are:

Change how they collect, use and transfer personal data
Make changes to or implement new IT systems dedicated to maintaining appropriate technical and organizational measures with a level of security appropriate to the risk
Update privacy notices, policies, and contracts and terms with suppliers, customers, resellers and others
Consider data privacy in product design by default, which may include pseudonymization and encryption of personal data
Organizations must be able to notify the relevant supervisory authorities of a breach within 72 hours of discovery³

For a more detailed view of what organizations need to know to prepare for GDPR in the short time that is left, read our white paper.

¹ Dun & Bradstreet database breached, 33.6M les vulnerable. https://www.scmagazine.com/dun-bradstreet-database-breached-336m-files-vulnerable/article/644419/
² See Article 33: https://gdpr-info.eu/art-33-gdpr/
³ Official GDPR Text (PDF): http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf

Five Steps to Help CISOs Manage Financial Firms’ Risk in the Age of Elastic Compute and Technology

Posted: July 11, 2018

Twitter: @tomdotdolan Financial services firms seeking competitive advantage and market success continue to face enormous pressure to innovate as they develop cutting-edge offerings. Ultimately needing scalable, available technology to drive future success. The big challenge is how to dynamically extend security and compliance to a changing business architecture powered by elastic compute and technological complexity. […]

0 comments

Ensuring Secure Elections

Posted: June 28, 2018

Securing the vote by protecting “unsecurable” and outdated voting machines Time is running out to secure America’s election systems. Before we know it, it will be Tuesday, November 6th, election day, and we will be headed to the polls to cast votes for the 435 U.S. House, 35 U.S. Senate, 36 gubernatorial elections and many […]

0 comments

Surviving a Ransomware Attack – Why You Need Visibility

Posted: June 20, 2018

Twitter: @smtaylor12 It’s 8AM on a Monday morning and you have just arrived to work with a fresh cup of coffee in hand ready to start the work week. Like every workday morning, you begin by booting your PC and logging into Windows. This time, however, you don’t see the familiar grassy knoll wallpaper but […]

0 comments

Sign up for ForeScout News.

Sign up for a visit.

Thank you for your interest in ForeScout.