TRENDING:

General Data Protection Regulation (GDPR) , Incident & Breach Response , Managed Detection & Response (MDR)

GDPR: Data Breach Notification 101

Brian Honan of BH Consulting on When to Notify - or Not Mathew J. Schwartz (euroinfosec) • March 22, 2019    
Brian Honan, president and CEO, BH Consulting

Since the EU's new privacy law came into effect on May 25, 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin.

See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources

To help, he recommends all organizations that must comply with General Data Protection Regulation start by familiarizing themselves with guidelines released by ENISA - the EU Agency for Network and Information Security - on measuring the severity and impact of a breach.

In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Honan discusses:

  • Data breach decision: Determining if a breach warrants notification;
  • Why every organization that must comply with GDPR should make use of ENISA's breach impact methodology;
  • What regulators do - and do not - want to see from breached organizations, and the risk organizations face if they get it wrong.

Honan heads BH Consulting in Dublin. He founded Ireland's first computer emergency response team and is also a cybersecurity adviser to Europol, which is the EU's law enforcement intelligence agency.

Previous
Technology's Role in Digital Risk Management
Next
The Future of Cybersecurity Education - Part 2

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.



Around the Network

Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools
Why Legacy Medical Systems Are a Growing Concern
Why Legacy Medical Systems Are a Growing Concern
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Why Health Entities Need to Implement NIST Cyber Framework
Why Health Entities Need to Implement NIST Cyber Framework
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Efficient Management of Enterprisewide Data Protection
Efficient Management of Enterprisewide Data Protection
HIPAA Considerations for AI Tool Use in Healthcare Research
HIPAA Considerations for AI Tool Use in Healthcare Research

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.