Not Another GDPR Comment
Carolyn Crandall, Chief Deception Officer at Attivo Networks:
Many organisations have been able to address Articles 32 and 25 of GDPR, but many still struggle with Article 33. Numerous organisations have difficulty identifying if an incident happened and if it happened, they have trouble modifying their strategy to report within 72 hours. Previous directives from the EU 95/46 made no specific mention of data breaches and GDPR now sets a clear directive as to what constitutes a data breach, how the incident is to be reported and the substantial penalties for not complying. This has required businesses to reassess their technology and processes in order to understand their ability to detect, audit, and report breaches in compliance with GDPR. Closing these gaps, in many cases, requires the adoption of new technology to ensure that the attack is not only detected but also understood in a way that can explain the magnitude of the breach and the corrective actions to contain it. Whether it be access to budget, skills shortages, or otherwise, a fair amount of organisations remain hard-pressed to comply with this article if faced with a breach today.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise