Story image

LogRhythm launches GDPR compliance module as deadline draws near

19 Jan 18

LogRhythm has taken the plunge into the pre-GDPR market as businesses worldwide prepare their compliance strategies.

The General Data Protection Regulations protect the European Union and its citizens and will come into effect on May 25.

Any businesses that collects and processes personal data of any EU citizen must comply with the regulations. Non-compliance may result in fines of up to €20 million or 4% of a company’s annual global annual revenue – whichever is the greater sum.

If an organisation offers goods or services, maintains offices or operates a website in the EU, it is likely that GDPR regulations apply, the company says.

“Given the breadth of the GDPR, no single solution provides automatic compliance with all aspects of the regulation. In fact, there are more people and process requirements to the regulation than technology,” explains LogRhythm CISO James Carder.

According to Gartner statistics, less than 50% of organisations that are affected by GDPR will be fully compliant with the regulation – even after it comes into effect.

LogRhythm has created a fully-integrated security solution that achieves and validates GDPR compliance.

“It’s clear that LogRhythm has put in significant time and effort to actually address GDPR,” comments UK SBS information security analyst Chris Kruk.

The company’s General Data Protection Compliance Module is designed with a pre-built suite of rules, alerts and reports mapped to GDPR articles.

  “The LogRhythm GDPR Compliance Module offers a simplified approach towards meeting this new regulation by providing a fundamental security framework designed to help organizations address the technology requirements of the GDPR. This framework helps organizations reduce risk, avoid fines and preserve their ability to conduct business in and with the EU,” Carder continues.

LogRhythm claims its solution is the ‘first on the market’ that integrates compliance with tech-focused GDPR articles.

The module includes capabilities including GeoIP configurations, a machine data intelligence fabric, an AI engine and risk-based prioritisation.

“The new investigation templates and other components dedicated to GDPR are very useful, and the GDPR reports provide a very good overview of the requirements of GDPR, Kruk continues.

LogRhythm also says its Compliance Module is available free to all LogRhythm customers, as are all of its other modules.

“Organisations implementing the module can realize immediate benefits, thanks to the suite of pre-built content that delivers a more efficient and effective solution over manual processes and other technologies,” the company explains.

AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.