SECURITY

Strengthen Your SIEM And Be Ready For The GDPR

Matthias Maier By Matthias Maier March 27, 2018

While many organisations have been preparing for the GDPR for months, some may only just be starting now. Others may even have the strategy to wait and see what might happen after 25th May, to observe reference cases and the level of predicted fines in practice. Whatever your company’s position is, I want to share two different views that should be urgently considered if you own a SIEM solution.

How your SIEM solution supports the GDPR compliance program of your organisation

Your SIEM plays an important role to fulfill many requirements that the GDPR asks for. For example, Article 32 requires your organisation to assess and evaluate the effectiveness of technical and organisational measures, ensuring the security of data processing. In addition to this, Article 33 is in place with the need for better scoping of incidents, identifying if an incident lead to a breach, how sensitive the disclosed data is, and what needs to be reported. However, there are also less obvious articles under the GDPR where your SIEM is the best solution to help you (e.g. Article 6,15-18, 21, 22, 28, 58 and 82).

Often it’s a challenge to translate the non-technical legal requirements into actionable items. To help with this, we have created the below materials. Within each is an interpretation of the law, what it means for an organisation's business, and what you should do about it:

Splunk GDPR reminder keyboard press

 

Don't break GDPR compliance with your SIEM

Whatever SIEM solution you operate, it is highly likely that personal information is captured in the log data such as phone numbers, email addresses, cookies, RFID’s, geolocation and more. If it can identify an individual in combination with other data, you must ensure that you’re not in breach of the GDPR compliance. To help give guidance on this, we have conducted detailed analysis on how you should treat your SIEM solution, and log data under the GDPR. We invited Freddy Dezeure, former head of CERT-EU, to provide advice on how to operate your SIEM in compliance with the GDPR:

Splunk GDPR reminder weak link

It’s important to get yourself and your SIEM solution ready, as the journey won’t end when the GDPR comes into effect. There’s a lot that we will all learn in the lead up to 25th May, and probably more so beyond.

Best

Matthias

Matthias Maier
Posted by

Matthias Maier

Matthias Maier is Product Marketing Director at Splunk, as well as a technical evangelist in EMEA, responsible for communicating Splunk's go-to market strategy in the region. He works closely with customers to help them understand how machine data reveals new insights across application delivery, business analytics, IT operations, Internet of Things, and security and compliance. Matthias has a particular interest and expertise in security, and is the author of the Splunk App for IP Reputation. Previously, Matthias worked at TIBCO LogLogic and McAfee as a senior technical consultant. He is also a regular speaker at conferences on a range of enterprise technology topics.

TAGS
SIEM Compliance EMEA
Show All Tags
Show Less Tags