The countdown to GDPR is on and companies are just now thinking about how to ensure their incident response strategies can meet data privacy compliance requirements, especially the strict 72-hour breach notification. Not meeting this requirement leaves organizations subject to staggering fines in addition to lost business. More confusing is how GDPR impacts US companies, even if they do not conduct business in the EU.
What does a CISO need to know to get their houses in order prior to the May 2018 deadline?
Luckily, there are best practices to not only help organizations improve their incident investigation techniques but also be ready constantly changing landscape of global data privacy.