GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved....
Transcript of GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved....
![Page 1: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/1.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
GDPR NU ESTE O
DESTINATIE ! Dan Gavojdea
Cyber Security Specialist
![Page 2: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/2.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ARE YOU SECURE ? WHO SAID SO ?
![Page 3: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/3.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Grace Hopper,
Predicted in 1965 that“data will become morevaluable than hardware”
![Page 4: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/4.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
General Data Protection Regulation
To be Enforced on May 25, 2018
65 Days….Enables innovation &
participation in global digital
economy
![Page 5: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/5.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco at a Glance
28.8MW
Data Center
Capacity
72,468Employees
482Offices
offices in 94countries
4,326Routers
6,572LAN Switches
136,381Connected
Stakeholders
201,023Connected
User Devices
94Services
Data as of January 2017
doing business in
165+ countries
2000+ Production applications
348Active Production DBs
![Page 6: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/6.jpg)
What is Cisco doing to be GDPR-ready?
Data Protection
Program
Third-party Review/
Updates
Update & asses
International
Transfers of Personal
Data
![Page 7: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/7.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What Does “GDPR-Ready” Look Like?
Know Your
DataAssess &
ManageSecure
Report
Progress
![Page 8: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/8.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Internal Program
Awareness and
Education
Incident
Response
Asses the RiskIdentification and
Classification
Policies and
Standards
Program
EnforcementPrivacy by
Design/Default
(in products)
Design Security
Methodologies
![Page 9: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/9.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Form a multi-disciplinary team, it takes a village of diverse skilled people
2. Choose a program framework that works for your organization
3. Sets your goals and priorities
4. Inventory your data - start with high-risk categories & PII
5. Asses your organization's status on data protection
6. Review existing processes
7. Identify and close gaps
8. Training– people awareness is important as technology
Our tips
![Page 10: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/10.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
![Page 11: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/11.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ETAPELE PROIECTULUI DE CONSULTANTA GDPR(EXEMPLU)
1. START PROIECT GDPR
2. EVALUARE
3. IDENTIFICARE RISCURI
4. EVALUARE IMPACT
5. MASURI ADMINISTRATIVE
6. IDENTIFICARE DATE PERSONALE
7. MASURI TEHNICE
8. IMPLEMENTARE SI TESTARE
9. REVIZUIRE CONTINUA
![Page 12: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/12.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialAssets
RISK
Measures to reduce
The Risks
1. Administrative controls
2. Physical controls
3. Technical Controls
![Page 13: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/13.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Build Security In Maturity Model (BSIMM)
If the chocolate chips are not part of the mix… you end up having cookies with chips on the outside… (well sort of…)
When the chocolate chips are part of the mix…. you end up with chocolate chip cookies
Engage SECURITY early in any process
.
GDPR is like a cake and SECURITY like chocolate chips
![Page 14: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/14.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Complete Security by Cisco layered approach
AnyConnect
ThreatGrid
ISE
AMP
FirepowerASA ESA WSA
Cisco StealthWatch
OpenDNS
![Page 15: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/15.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
![Page 16: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/16.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Closing thought
Being Compliant does not make
you secure
Being Secure helps you to be
compliant
![Page 17: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/17.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
NEXT STEP ?
![Page 18: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/18.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Ask for Security Assessment
!
…and implement
”APPRORIATE”security
controls
![Page 19: GDPR NU ESTE O DESTINATIE - BRINEL · © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential GDPR NU ESTE O DESTINATIE ! Dan Gavojdea Cyber Security Specialist](https://reader035.fdocuments.in/reader035/viewer/2022071214/6042a0fdfe9b7e1f0b3771a7/html5/thumbnails/19.jpg)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Thank you!
Eveniment sutinut de