Trellix logo
Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Critical Flaws in Widely Used Building Access Control System
Critical Flaws in Widely Used Building Access Control System

At Hardwear.io 2022, Trellix researchers disclosed 8 zero-day vulnerabilities in HID Global Mercury access control panels, allowing them to remotely unlock and lock doors, modify and configure user accounts and subvert detection from management software.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

What Is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) is EU legislation passed on May 25, 2018 that is designed to give individuals more control over their personal data—defined as any information relating to an identified or identifiable natural person—and to establish a single set of data protection rules across the European Union. To comply with this new data protection act, companies must “implement appropriate technical and organizational” measures to protect personal data. These measures include:

  • Knowing what data they hold and have appropriate rights to use the data
  • Being able to answer questions from customers, as well as employees and former employees, about what type of data they hold, and, in some cases, delete data they no longer need
  • Considering privacy and security at the start of a project or in first building a product, and do a review of projects before launching
  • Notifying their main regulator within 72 hours of becoming aware if they have a security incident
  • Requiring their vendors to also secure their data, and record this commitment in a contract

It’s important to note that GDPR requirements don’t just apply to EU organizations; they apply to all organizations, anywhere in the world, that target, collect, or use the personal data of any EU resident. Organizations that fail to comply with GDPR can face stiff penalties and fines—up to 2% or 4% of total global annual turnover or €10 million or €20 million, whichever is greater.

An opportunity to change the way you secure data

An opportunity to change the way you secure data

Delivering personal data protection to EU residents continues to be a challenge and a priority as the business, technology, and threat landscapes evolve and become more complex. Where do you begin? As a first step, assess your data loss risks. Next, take an inventory of your attack surfaces and look at how you can better protect them. Finally, you’ll want to think about how your technology transformation plans could be integrated with a GDPR security investment to deliver personal data security.

Step 1: Continuous Discovery and Assessment — Discover, classify, and inventory personal data.

Step 2: Data Security — Protect personal data at rest and in motion on endpoints and in the cloud.

Step 3: Application Security — Defend critical applications in the data center and cloud.

Step 4: Cloud Data Security — Safeguard personal data that is uploaded to the cloud, that resides in the cloud, and that is downloaded from the cloud.

Step 5: Breach and Detection Response — Ensure that critical processes are in place to detect, investigate, and remediate breaches in a timely manner.

Data Protection Lifecycle