The GDPR is a huge piece of legislation. We brought together a team of privacy, compliance, and technology experts to list the key questions any company should think about in relation to GDPR compliance.
Is there a culture of data security and awareness in our organization?
An overriding principle of the GDPR is data minimization-only collect the data that is required to provide goods or services.
A key consideration for GDPR readiness is to consolidate security data in a SIEM and employ user entity behavior analytics (UEBA) to identify anomalous behavior