Optiv Security, a market-leading provider of end-to-end cyber security solutions, announced a unique, programmatic approach that distills the complex European Union (EU) General Data Protection Regulation (GDPR) and enables companies to meet all cyber security-related requirements of the regulation. As part of its approach, Optiv offers a comprehensive suite of solutions and services that help companies minimize their breach risk for GDPR compliance while leveraging their existing security investments.
“The roadmap to regulatory compliance can be overwhelming and expensive, especially when intersected with the complex patchwork of deployed security solutions. As such, compliance scenarios like GDPR require security expertise to address,” said Stuart Solomon, executive vice president of security solutions and operations for Optiv. “Optiv’s experienced team of risk, compliance and security professionals focus on helping companies identify and resolve specific concerns related to the new regulatory environment. By enabling clients to establish business-aligned, risk-based, threat-aware information security programs, compliance becomes a positive side effect.”
Optiv’s unique, multi-pronged solution for GDPR compliance helps organizations dissect out the regulation’s cyber security components from those that fall into two other key areas of business—legal and IT. From this, security leaders can more easily understand which aspects of the regulation they own and how to work with legal and IT leaders to make better-informed business decisions. This helps companies minimize their breach risk and meet GDPR’s cyber security-specific requirements.
Optiv has identified six cyber security pillars of GDPR compliance and the high-level steps to comply with each:
- Data Governance – Understand the GDPR regulations as it relates to the business and then activate a plan to meet those obligations.
- Data Classification – Analyze what data within the environment is relevant to the GDPR and develop proper classification scheme for ongoing data management.
- Data Discovery – Determine where sensitive data is stored across your environment and set up policies and procedures to manage it.
- Data Access – Recognize who has access to data and set up policies and procedures for access management and governance.
- Data Handling – Prepare for the chance of an incident, ensure that plans are in place to meet GDPR obligations regarding the handling of sensitive information.
- Data Protection – Plan, build and run an appropriate security program for the protection of sensitive information.
In addition to helping companies better understand GDPR, Optiv delivers a comprehensive offering with a suite of solutions and services that enable companies to comply with the six cyber security pillars of GDPR, while additionally maximizing their current security investments. These pillars fall across multiple Optiv cyber security areas of focus, including: risk and compliance, third-party risk management, identity and access management, security operations, cloud security and incident response. Understanding how these functions fit into the requirements of GDPR is critical to achieving and sustaining compliance. Optiv helps companies plan, build and run successful cyber security programs that keep regulations like GDPR in mind.
“GDPR continues to baffle many business, security and IT leaders, who struggle with its complexity and are unclear how it impacts their organization, if at all. The vast amount of services and products, and conversations related to GDPR make it difficult to cut through the noise and know what path to take forward to achieve compliance,” said J.R. Cunningham, senior executive director, strategy, risk and compliance for Optiv. “Optiv is here to help deliver clarity amongst the chaos. We assist companies with tackling the cyber security piece of GDPR using the same philosophy we recommend to clients to solve all their security problems every day—through a holistic, programmatic approach that includes the right mix of staff, processes and technologies.”