Globalisation and rapid technological developments – from cloud computing to location services to social networking – have led to a significant increase in the scale of personal data that private companies and public authorities collect and share.
These trends are key drivers behind GDPR, which goes into effect May 25, 2018, replacing the EU Data Protection Directive enacted in 1995. GDPR modernises EU data protection rules and establishes a single, harmonised EU law, replacing the patchwork of national laws currently in effect across the 28 EU member countries.
It is estimated that the GDPR will result in €2.3 billion in economic benefits per year as a result of reducing legal complexity and making it easier for businesses to expand operations throughout the EU, according to the Justice and Consumers Department of the European Commission.
The GDPR will be implemented locally, with each EU member state appointing a managing supervisory authority. Its impact will also be felt beyond EU borders as the legislation applies to any organisation that holds or processes EU citizen data in relation to offering goods and services, or that monitors individuals within the EU, regardless of where that organisation is based.
Vectra AI augments cybersecurity teams and provides key technical capabilities needed to comply with the GDPR.
GDPR Overview: Key Features and Benefits
Key features of the GDPR include:
- The personal data of EU residents is protected, no matter where it is sent, processed or stored, even outside the EU. “Personal data” means any information relating to an identified or identifiable natural person.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Organisations need to obtain explicit, informed consent from an individual to collect and process their personal data.
- Individuals gain the right to data portability from one provider to another; to have their personal data erased; and to object to their data being used for the purposes of profiling.
- Individuals have the right to know when their data is hacked; in high-risk cases (for example, where identity theft is a concern), companies and organisations must notify individuals of a data breach within 72 hours.
A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
- Under the “one-stop-shop” principle, a company with subsidiaries in several EU member states will only have to deal with the supervisory authority in the country where it is headquartered or locates its principal establishment.
- Any organisation, whether or not it is established in the EU, will have to apply the EU data protection law if it wants to offer goods and services in the EU or monitor the behaviour of EU residents.
- Data processors and controllers may only transfer data outside the EU if they put in place appropriate safeguards and if individuals have enforceable rights and legal remedies.
The processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
A controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- GDPR supervisory authorities have a range of sanctions at their disposal, including written warnings, audits, and punitive fines of up to the greater of €20,000,000 or 4% of annual worldwide revenues.
The following sections highlight the data protection and impact assessment aspects of the GDPR and detail how the Vectra AI-driven threat detection and response platform contributes to GDPR compliance and helps protect personal data by providing continuous, automated threat surveillance and detection across an organisation’s network. By automating the hunt for hidden cyber attackers inside networks and enabling faster incident response to stop active threats, Vectra condenses weeks and months of work into minutes so security teams can act quickly to prevent data theft or damage.
Key GDPR Data Protection Requirements
The GDPR is a robust set of regulations that covers rights and responsibilities, which include a broad requirement that organisations provide “data protection by design and by default.”
That is, organisations are expected to design security into their operations and utilise technologies and services that have built-in data protection safeguards and privacy-friendly default settings, such as on social networks or mobile apps.
The GDPR provides specific suggestions for what kinds of security actions might be considered appropriate to the risk, including:
- Encrypting personal data and/or making it anonymous or using a numeric or another identifier as a pseudonym for an individual’s name.
- Ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- Restoring availability and access to personal data in a timely manner in the event of a physical or technical incident.
- Regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
In addition, the GDPR calls for the designation of a data protection officer (DPO). The individual in this role is responsible for data protection implementation, compliance and reporting within an organisation. The DPO may fulfil other tasks and duties. For example, a chief information security officer can also be a DPO.
Vectra AI helps organisations address the GDPR
Complying with the GDPR requires putting appropriate technologies and processes in place. Vectra AI augments cybersecurity teams and provides key technical capabilities needed to comply with the GDPR.
Vectra AI supports data protection by providing continuous network traffic monitoring, real-time threat detection, triage, and incident reporting. Using artificial intelligence and attacker behaviour analytics, Vectra AI automatically hunts down active cyber threats across the enterprise network, from cloud and data centre workloads to user and IoT devices.
Vectra AI automates many of the labour-intensive tasks that are typically the responsibility of Tier 1 cybersecurity analysts and incident response teams. By automating these tasks, Vectra AI dramatically reduces the time spent on threat investigations by up to 90%, enabling security teams to focus on data loss prevention and mitigation. Key capabilities of the Vectra AI-driven platform include:
- Continuous monitoring and analysis of all network traffic, including Internet-bound traffic and internal network traffic between physical and virtual hosts with an IP address – such as laptops, servers, printers, BYOD, and IoT devices – regardless of the device type, operating system or application.
- Real-time visibility into network traffic by extracting metadata from packets rather than performing deep packet inspection, which allows protection without prying into personal or sensitive payload information.
- Analysis of metadata from captured packets with behavioural detection algorithms that spot hidden and unknown attackers, whether traffic is encrypted or not.
- Deterministic identification of attack behaviours, including the use of remote access Trojans, encrypted tunnels, botnet behaviours, ransomware, insider attackers, and targeted advanced threats.
Vectra AI persistently tracks threats over time and across all phases of an attack, including command and control (C&C), internal reconnaissance, lateral movement and, critically for GDPR, data exfiltration behaviours.
- Automatic correlation of threats with host devices under attack and threat detection details that include host context, packet captures, the seriousness of the threat, and certainty scores.
- Support for adaptive cybersecurity through an iterative process of improvement that leverages the work of the Vectra Threat Labs™, a group of highly-skilled security researchers, as well as behavioral detection algorithms that constantly learn from the local environment and from global trends.
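The metadata-only approach described in the capabilities above (observing who talks to whom, when and how much, rather than reading payloads) can be illustrated in code. The following Python is an added example written for this page; it is not Vectra AI's code or algorithm. It reads constructed flow records (source, destination, port, byte count per day), builds a per-host baseline of outbound volume to external addresses, and flags a host whose egress departs sharply from its own history, without ever touching packet contents. The internal address ranges, the external destination, the thresholds and the sample flows are all assumptions chosen for the illustration.

```python
"""Metadata-only detection of anomalous outbound data transfers.

Added illustration for this page, not Vectra AI code. Works solely on
flow metadata (endpoints, port, byte counts), never on payload, so the
personal data inside the traffic is never read by the detector.
"""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Assumption: RFC 1918 ranges are "inside"; anything else is external.
INTERNAL = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
            ip_network("192.168.0.0/16")]
BASELINE_DAYS = range(1, 8)   # constructed: days 1-7 form each host's baseline
EXTERNAL = "203.0.113.10"     # constructed external destination (TEST-NET-3)


@dataclass(frozen=True)
class Flow:
    day: int        # observation day index (constructed)
    src: str        # source IP
    dst: str        # destination IP
    dst_port: int   # destination port
    bytes_out: int  # bytes sent from src to dst


def is_internal(ip: str) -> bool:
    """True if the address falls inside one of the assumed internal ranges."""
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL)


def daily_egress(flows):
    """Sum outbound bytes per (host, day), counting only internal -> external flows."""
    totals = defaultdict(int)
    for f in flows:
        if is_internal(f.src) and not is_internal(f.dst):
            totals[(f.src, f.day)] += f.bytes_out
    return totals


def detect_exfil(flows, baseline_days, z_threshold=3.0, min_bytes=50_000_000):
    """Flag hosts whose egress on a non-baseline day is far above their own baseline.

    Returns {host: [(day, bytes, z_score), ...]}. The spread is floored at 10% of
    the mean (and at 1 byte) so a perfectly flat baseline does not make every
    extra byte look anomalous, and min_bytes suppresses tiny absolute changes.
    """
    per_host = defaultdict(dict)
    for (host, day), total in daily_egress(flows).items():
        per_host[host][day] = total

    alerts = {}
    for host, by_day in per_host.items():
        base = [by_day.get(d, 0) for d in baseline_days]
        mu = mean(base)
        sigma = max(pstdev(base), 0.1 * mu, 1.0)
        for day, total in sorted(by_day.items()):
            if day in baseline_days:
                continue
            z = (total - mu) / sigma
            if z >= z_threshold and total >= min_bytes:
                alerts.setdefault(host, []).append((day, total, round(z, 1)))
    return alerts


def _constructed_flows():
    """Constructed sample: two hosts with a week of normal egress, then day 8."""
    normal_5 = [2_000_000, 2_500_000, 1_800_000, 2_200_000,
                2_000_000, 2_400_000, 1_900_000]
    flows = [Flow(d, "10.0.0.5", EXTERNAL, 443, b)
             for d, b in zip(BASELINE_DAYS, normal_5)]
    flows += [Flow(d, "10.0.0.9", EXTERNAL, 443, 10_000_000) for d in BASELINE_DAYS]
    # Day 8: one host pushes 600 MB out, the other grows modestly, and a large
    # internal-to-internal copy is outside the scope of egress monitoring.
    flows += [Flow(8, "10.0.0.5", EXTERNAL, 443, 600_000_000),
              Flow(8, "10.0.0.9", EXTERNAL, 443, 12_000_000),
              Flow(8, "10.0.0.5", "10.0.0.200", 445, 500_000_000)]
    return flows


SAMPLE_FLOWS = _constructed_flows()

if __name__ == "__main__":
    for host, hits in detect_exfil(SAMPLE_FLOWS, BASELINE_DAYS).items():
        for day, total, z in hits:
            print(f"ALERT {host}: day {day}, {total:,} bytes out (z={z})")
```

Only 10.0.0.5 is flagged: its day-8 egress is hundreds of standard deviations above its own week, while 10.0.0.9's 20% increase stays under the z-score threshold and the 500 MB internal copy never enters the egress totals. A production detector would also key on destination reputation, protocol and time of day, but the point here is that none of this requires reading payload.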
How Vectra AI supports key GDPR requirements
The following table details the various ways in which Vectra AI helps organisations address specific elements of the GDPR requirements.
- Vectra AI assists in enforcing data handling standards by alerting cybersecurity staff when data is transferred between parties in a manner that violates or is not consistent with established practices.
- Vectra AI lets security staff see what is getting past their defences by providing alerts about precursor threat behaviours.
- Security teams receive concise explanations of each detection, including possible triggers, root causes, business impacts, and steps to verify.
- Vectra AI constantly monitors the communication between applications, tools and systems.
Protecting Personal Data Under GDPR with Vectra AI
The uniform application of the GDPR across EU member states should make it easier for organisations to establish compliant data security regimes and breach notification procedures. Having appropriate tools and technologies in place is key.
Unfortunately, detection and response to cyber attacks is often a slow affair. According to the M-Trends 2016 report, it takes an average of 146 days before a breach is detected. And 53% of those are only discovered after notification from an external party, the report states.
The Vectra AI-driven threat detection and response platform reduces threat notification and response processes from weeks or days to minutes. Powered by artificial intelligence, it identifies threats proactively and in real time.
By automating labour-intensive tasks that are typically the responsibility of Tier 1 cybersecurity analysts and incident response teams, Vectra AI dramatically reduces the time spent on threat investigations by up to 90%, enabling security teams to focus on data loss prevention and mitigation.
Efficient and economical, Vectra AI gives IT security teams real-time visibility into all network traffic, spots hidden and unknown attackers, and puts security event context at their fingertips.
By giving cybersecurity teams the ability to identify and intervene against the early stages of an attack, well before a data breach occurs, Vectra AI reduces the risk of GDPR reportable data breaches.
Likewise, these same Vectra AI detections and alerting capabilities contribute to assessment, and form part of an appropriate technical cybersecurity architecture that supports GDPR compliance.