GDPR Compliance Journey - 17 Data Breach

Gydeline

21 May 201806:18

Summary

TLDRIn this informative video, Mike 7 discusses the critical aspects of breach management under the GDPR. He emphasizes the importance of initial protection, using technical measures like cyber essentials to fortify against breaches. Monitoring systems for suspicious activities is highlighted, with the use of dashboards from providers like Microsoft and Google. The video outlines a four-step process for handling breaches: identification, investigation, containment, and notification. A breach process document is introduced, detailing the steps and mandatory elements to ensure a consistent response. The key takeaway is clear communication within the organization and adherence to the 72-hour notification requirement for high-risk breaches.

Takeaways

🛡️ The importance of implementing technical measures and cyber essentials to create a baseline of information security to protect against breaches.
🔍 The necessity of monitoring systems for suspicious activity and breaches using dashboards and tools provided by service providers.
📝 The existence of a four-step process for managing breaches: identify, investigate, contain, and notify.
🕒 The critical 72-hour window for identifying and beginning the response to a data breach, as per mandatory requirements.
🔎 The need for thorough investigation to understand the nature of the breach and what data might have been exposed.
🔒 The importance of containing the breach to prevent further damage, which involves working with providers and documenting steps.
✉️ The requirement to notify the Information Commissioner's Office and affected individuals within 72 hours if the breach is high-risk and unmitigated.
📋 The use of a breach process document to ensure a consistent response and to meet mandatory elements of breach management.
🗂️ The categorization of the breach process into steps and the importance of recording information for the breached notification form.
👥 The emphasis on clear communication within the organization about the breach process and the importance of understanding and following it.
🔄 The script's suggestion that the next topic will be reviewing measures and third-party compliance.

Q & A

What is the primary focus of the video script by Mike 7?
-The primary focus of the video script is breach management within the context of GDPR compliance.
What is the first step in breach management according to the script?
-The first step is to protect yourself from a breach by implementing technical measures and cyber essentials to establish a baseline of information security.
Why is it important to make oneself a difficult target for attackers?
-Making oneself a difficult target is important because it helps protect against breaches by standing out among the many who have not implemented basic security measures.
What is the role of dashboards in monitoring for potential breaches?
-Dashboards provided by service providers like Microsoft, Google, or AWS allow users to log in and check the status and health of their systems to detect any unexpected activity that might indicate a breach.
What are the four steps outlined in the script for managing a breach?
-The four steps are: identifying if a breach has occurred, investigating the nature and extent of the breach, containing the breach to prevent further damage, and notifying the relevant parties.
What is the significance of the 72-hour timer mentioned in the script?
-The 72-hour timer is significant because it is the mandatory requirement for organizations to notify the supervisory authority in case of a high-risk breach.
What information is important to collect during the investigation phase of a breach?
-Important information includes the data affected, individuals impacted, system or location involved, measures in place at the time, and the assessed risk.
How should containment steps be documented in the event of a breach?
-Containment steps should be documented against a helpdesk ticket, detailing the specific actions taken to prevent the breach from worsening, which may vary depending on the nature of the breach.
What is required within 72 hours of identifying a high-risk breach?
-Within 72 hours of identifying a high-risk breach, organizations must complete a data breach notification form and send it to the Information Commissioner's Office, and inform affected individuals if the breach remains unmitigated and the data is not encrypted.
What is the final action recommended in the script after managing a breach?
-The final action is to close the helpdesk ticket and review the related policies to ensure the breach management process is aligned with organizational guidelines.
Why is clear communication emphasized in the script regarding breach management?
-Clear communication is emphasized to ensure everyone in the organization understands the breach management process, knows where to find documents, and is aware of how and when to communicate about a breach, which is crucial for effective response.