How to Stay on Top of the EU General Data Protection Regulation

New data protection rules in the European Union have now been published after the European Parliament adopted the General Data Protection Regulation (GDPR) in late April. While the law won't be enforceable for approximately another two years, its ultimate goal is to harmonize data protection laws across the 28 EU member states and "make Europe fit for the digital age."

The GDPR aims to "give citizens back control over their personal data, and to simplify the regulatory environment for business." The regulation will place a clear onus on businesses that collect and manage the personal information of EU citizens to protect that information from misuse.

With the introduction of the GDPR, all businesses processing the personal data of EU citizens will be fined up to four percent of global revenue in the event of non-compliance. Organizations worldwide are therefore under more pressure than ever to guarantee the security of their customers' personal data, while being able to demonstrate this security to customers.

In anticipation of the GDPR, businesses must ramp up efforts around data security.

Here are five ways to help accomplish this effectively:

1. Don't delay

The deadline for EU countries to transpose the GDPR into their national law is May 6, 2018. That does not present a lot of time for complex global firms to overhaul their policies, procedures and technology to achieve compliance. A great first step is for businesses to carry out a risk assessment against the expected standard.

2. Map your data

One of the largest tasks that lie ahead for organizations is the need to map their entire data footprint. Firms must determine what information exists and where, including unstructured data in the cloud and data that is shared with partners and other third parties.

3. Boost your breach detection capabilities

The longer breaches go undetected, the more damage they may cause, adding to the reputational damage and potentially to the financial penalty that the offending business may suffer. Firms can look to embrace advanced analytics and expert threat analysis to help detect threats in near real-time.

4. Educate your employees

A compliance regime is only as strong as the employees who help you adhere to it. Ensure all employees are trained fully in data privacy, social engineering attack vectors and the relevant elements of the GDPR. Put in place clear protocols for employees to follow when handling personal data.

5. Get the right resources in place

A key challenge for companies is finding skilled professionals capable of helping them achieve security and compliance. Demand for qualified practitioners is forecasted to outstrip supply by a third before the end of the decade, putting real pressure on organizations as cyberattacks increase and regulations become more stringent. In this environment, there is an increasing need for businesses to seek assistance from managed security services providers (MSSPs). An MSSP can help provide the much-needed security relief that resource-strapped organizations require.

Jane Dotsenko is Trustwave marketing manager in EMEA.
