General Data Protection Regulation (GDPR) , Incident & Breach Response , Managed Detection & Response (MDR)

GDPR: Data Breach Notification 101

Brian Honan of BH Consulting on When to Notify - or Not
Brian Honan, president and CEO, BH Consulting

Since the EU's new privacy law came into effect on May 25, 2018, one challenge for organizations that suffer a breach is knowing whether or not they must report it to authorities, says Brian Honan, president and CEO of BH Consulting in Dublin.

See Also: The Business Case for Data Diode Security

To help, he recommends all organizations that must comply with General Data Protection Regulation start by familiarizing themselves with guidelines released by ENISA - the EU Agency for Network and Information Security - on measuring the severity and impact of a breach.

In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Honan discusses:

  • Data breach decision: Determining if a breach warrants notification;
  • Why every organization that must comply with GDPR should make use of ENISA's breach impact methodology;
  • What regulators do - and do not - want to see from breached organizations, and the risk organizations face if they get it wrong.

Honan heads BH Consulting in Dublin. He founded Ireland's first computer emergency response team and is also a cybersecurity adviser to Europol, which is the EU's law enforcement intelligence agency.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.