Post on 21-Jan-2018
© 2017 SPLUNK INC.
Splunk and the EU GDPR (EU-DSGVO)
Matthias Maier | Director Product Marketing EMEA
NOVEMBER 15 | FRANKFURT
Forward-Looking Statements
During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC.
The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved.
GDPR Timeline
▶ The regulation is binding across all EU member states
January 2012: the European Commission proposed the reform of the data protection regulation
December 2015: EU agreement on the regulation
April 2016: EU Council adopted the new regulation
May 2018: the new data protection framework applies (from 25 May 2018)
Key Features of GDPR/DSGVO
Applicable to any company doing business in the European Union
▶ European data protection harmonisation
▶ Fines up to €20m or 4% of global annual turnover, whichever is higher
▶ Mandatory data protection (privacy) impact assessments for high-risk processing
▶ Privacy by design & by default
▶ 72-hour breach notification to the supervisory authority
▶ Mandatory data erasure & portability
▶ Consent for personal data profiling
A data theft under the new EU GDPR (EU-DSGVO)
What if tomorrow is
What if you’re responsible for Security?
You wake up in the morning and you haven't even had your coffee yet
Your friendly Data Privacy Officer is on the phone
Someone claims to be selling personal (PI) data that you hold
There is data in the deep web. It may be your data!
He hangs up! What’s next?
Your incident investigation plan kicks in
Coordination between DPO, IT, PR/Media team, Legal (and the CEO)
Emergency call
Emergency chatroom
The fire alarm is pulled
T- 72h
Internal Leak
External Leak
Incident commander
T- 70h
“We need to investigate!!!”
Reaching out to your security operations team
T- 65h
People and Processes
T- 60h
Where is that data stored in your environment?
T- 55h
First Action
Is data still leaking?
T- 45h
How will you watch them?
T- 40h
Nice, structured, tidy data
T- 39h
Diving deep into the digital infrastructure
T- 35h
Machine data: time series, in motion, unstructured
T- 34h
It can be big data…
T- 33h
… it is lazy
T- 32h
… and it is hard to understand…
T- 30h
Take response actions to stop data leakage
T- 20h
Understand
T- 15h
How much data will be needed for this?
Who processed your information?
T- 10h
Which users or systems were involved?
T- 8h
You know what you know
You know what you don’t know
Painting the picture
T- 5h
Maybe it turns out to be a non-event?
Does the breach put data subjects at risk?
Do individuals need to be informed additionally?
How sensitive was the data?
As an organization you want to control the story before chatter explodes:
• Inform the supervisory authority (Art. 33: within 72 hours of becoming aware of the breach)
• Inform affected individuals (Art. 34: without undue delay when the breach is likely to result in a high risk to them)
• (Inform the public)
T- 0h
Worst Practice: German Bundestag
"The Trojans are still active," confirmed SPIEGEL ONLINE. According to data from several sources familiar with the case, Bundestag data from the "Parliament" network continue to flow in an unknown direction.
Best Practice: ABTA Breach
Example: ABTA Breach, 2+ weeks later out of the news
Someone knocks on your door
T+ 1 Week
Data Privacy Audits
Have you deployed "countermeasures appropriate to the risk"?
Have you used "state of the art" best practices?
(Both phrases are the wording of Art. 32 GDPR, security of processing.)
T+ 1 Week
Massive Fines
T+ 1 Week
Prove
What did you know?
When did you know?
How did you know about it?
T+ 2 Weeks
Logs become your digital fingerprints
Why Splunk?
What GDPR use cases does Splunk help solve?
▶ Breach investigation and notification within 72 hours: Splunk helps to detect, prevent and investigate breaches
▶ Prove GDPR security controls are enforced
▶ Search and report on personal data processing
Three use cases that bring different people to the same level and let them speak the same language, each with:
▶ Real-world scenario (IT manager)
▶ Relevant GDPR articles and what they mean (Data Privacy Officer)
▶ How machine data helps (Splunk Champion)
Whitepaper: How machine data helps with GDPR
https://www.splunk.com/en_us/form/white-paper-how-machine-data-supports-gdpr-compliance.html
https://www.splunk.com/de_de/form/wie-maschinendaten-die-eu-dsgvo.html
https://www.splunk.com/fr_fr/form/les-donnees-machine-facilitent-la-conformite-au-rgpd.html
Splunk Support for the GDPR Journey
▶ How to use Machine Data for GDPR: whitepaper outlining how machine data can support GDPR
▶ Splunk Data Obfuscation: how to protect data using anonymisation, pseudonymisation & encryption in Splunk (.conf session by Angelo Brancato and Dirk Nitschke)
▶ Splunk GDPR Support / GDPR Workshop: map analytics capabilities to GDPR security monitoring & reporting needs
▶ How to handle log data in your SIEM under GDPR: FAQs answered by Freddy Dezeure, former Head of CERT-EU (.conf session)
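The data obfuscation item above names pseudonymisation as one way to keep personal identifiers out of a SIEM while still being able to investigate who touched what. The following is an added example (it is not Splunk's code and not from the .conf session mentioned) that shows the idea in plain Python: the client IP and user name in constructed Apache-style access log lines are replaced with keyed HMAC tokens before the lines are indexed. The log format, the field names, the key and the sample lines are all assumptions made for this illustration.

```python
import hashlib
import hmac
import re
from collections import Counter

# Constructed sample lines (Apache combined-log style), not real traffic.
SAMPLE_LOGS = [
    '203.0.113.45 - alice [15/Nov/2017:09:12:01 +0100] "GET /customers/8812/export HTTP/1.1" 200 51234',
    '203.0.113.45 - alice [15/Nov/2017:09:12:07 +0100] "GET /customers/8813/export HTTP/1.1" 200 50981',
    '198.51.100.7 - bob [15/Nov/2017:09:13:40 +0100] "GET /index.html HTTP/1.1" 200 1043',
]

# Assumed secret held outside the SIEM (for example by the DPO); never indexed.
KEY = b"demo-key-kept-with-the-dpo"

# Assumed format: "<client ip> - <user> [<timestamp>] ..."; everything after
# the user name is forwarded unchanged.
LOG_RE = re.compile(r"^(?P<ip>\S+) - (?P<user>\S+) (?P<rest>\[.*)$")


def pseudonymise(value: str, key: bytes, field: str, length: int = 12) -> str:
    """Keyed, deterministic pseudonym for one field value.

    HMAC-SHA256 rather than a plain hash: without the key an attacker cannot
    enumerate likely inputs (the IPv4 space, a user directory) and match tokens.
    The field name is mixed in so the same string in two fields yields two
    different tokens (domain separation).
    """
    mac = hmac.new(key, f"{field}:{value}".encode(), hashlib.sha256).hexdigest()
    return f"{field}_{mac[:length]}"


def pseudonymise_line(line: str, key: bytes) -> str:
    """Replace the client IP and the user name in one log line."""
    m = LOG_RE.match(line)
    if m is None:
        # Fail closed: an unrecognised line is not forwarded, because passing
        # it through unchanged could leak an identifier into the index.
        raise ValueError(f"unrecognised log format: {line!r}")
    ip_token = pseudonymise(m["ip"], key, "ip")
    user_token = pseudonymise(m["user"], key, "user")
    return f"{ip_token} - {user_token} {m['rest']}"


def build_lookup(lines, key: bytes) -> dict:
    """token -> original value. Stored next to the key and away from the SIEM,
    so re-identification needs both and is a deliberate, auditable step."""
    table = {}
    for line in lines:
        m = LOG_RE.match(line)
        if m is not None:
            table[pseudonymise(m["ip"], key, "ip")] = m["ip"]
            table[pseudonymise(m["user"], key, "user")] = m["user"]
    return table


def requests_per_user(lines, key: bytes) -> Counter:
    """Investigation still works on the pseudonymised stream: count requests
    per (pseudonymised) user without ever seeing the real name."""
    return Counter(
        pseudonymise_line(line, key).split(" - ")[1].split(" ")[0] for line in lines
    )


if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        print(pseudonymise_line(line, KEY))
    print(requests_per_user(SAMPLE_LOGS, KEY))
```

The token is deterministic under one key, so the investigation questions from the scenario ("which users or systems were involved?") can still be answered on the pseudonymised data, while turning a token back into a name requires the key and the lookup table, both of which are kept away from the SIEM. That separation of the additional information is what makes this pseudonymisation in the sense of Art. 4(5) rather than anonymisation. Rotating the key breaks correlation across the rotation boundary, which is a deliberate trade-off between retention and linkability.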