Today, the European Commission published a new version of its Data Protection Directive. The new legislation installs a ‘mandatory data breach notification’ ruling across both public and private sector organisations, requiring them to report any breaches to relevant supervisory authorities, such as the Information Commissioner’s Office in the UK, as well as inform any seriously affected individuals – all within 24 hours.
Organisations that fail to alert on or notify a personal data breach in a timely or complete fashion to the supervisory authority will face fines of up to 2 percent of their current revenues. The legislation will take effect two years after it has been adopted.
This new law makes it essential for organisations to improve the use of the data generated by their IT systems, in order for any aberrant activity to be more quickly and effectively identified.
Unfortunately, all too often this information is managed in an inefficient and disparate manner. This can lead to inaccurate data breach notifications being issued, as many organisations are unable to accurately identify exactly what the breach entailed.
This ‘over-disclosure’ has become a particular problem in the US, where breach notification laws are already in place. Many companies have found themselves forced into issuing blanket breach notifications, which may even overstate the severity of the incident, due to a lack of visibility within their IT systems.
With increasingly sophisticated and frequent cyber attacks, data breaches – and now issuing breach notifications – have become inevitable. It is therefore in any organisation’s best interest to always have a clear view of what’s happening throughout their IT estate, in order to avoid disclosing inaccurate information and unintentionally escalating the magnitude of a breach.
The most effective way to identify exactly what data has been compromised, and thus generate accurate breach notifications within 24 hours, is by deploying centralised Protective Monitoring systems that automatically collect and analyse all log data generated by the IT infrastructure.
Such systems provide organisations with a deep insight into what occurs across their IT systems, giving them the traceability needed to connect seemingly unrelated incidents. This not only allows for anomalies to be accurately identified in real time, but also enables remediation measures to be taken immediately, which minimises any damage.