edgescan & GDPR: Improving compliance and reducing the cost of cybersecurity
Navigating GDPR from a cyber security perspective….. Update - September 2017 Some people still don't know where to start with GDPR. Here are some simple key points to kick you off.... Identify the personal data you collect and where data is stored - Is it stored appropriately how are you protecting the data from a cyber standpoint? Are your applications secure, regularly tested, designed with security in mind? Can you prove this? Review your internal policies including a review of security breach response policy. - Incident response, DR and BCP. What happens if something goes badly wrong. Whats happens in the event of a breach? Do I have mitigation controls and notification procedures in place? Review the type of data processing carried out, identify the legal basis for the processing and document it. - do you need all that client data you possess and do you have a legal basis for storing client data. Review how you handle all applicable client's r