Splunk Forum Frankfurt - 15th Nov 2017 - GDPR / EU-DSGVO

Post on 21-Jan-2018

© 2017 SPLUNK INC.

Splunk and the EU GDPR

Matthias Maier | Director Product Marketing EMEA

NOVEMBER 15 | FRANKFURT

Forward-Looking Statements

During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC.

The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.

Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved.

GDPR Timelines

▶ The regulation is binding across all EU member states

• January 2012: Commissioner proposed reform to Data Protection regulation

• December 2015: EU agreement on regulation

• April 2016: EU Council adopted new regulation

• May 2018: Effective Data Protection Framework comes into force (25th May, 2018)

Key Features of GDPR/DSGVO

Applicable to any company doing business in the European Union

• European Data Protection Harmonization

• Fines up to €20m or 4% of turnover

• Mandatory Privacy Impact Assessments

• Privacy by Design & Default

• 72 Hour Breach Notification

• Mandatory Data Erasure & Portability

• Consent for Personal Data Profiling

A Data Theft under the New EU GDPR

What if tomorrow is

What if you’re responsible for Security?

You wake up in the morning and you haven’t even had your coffee

Your friendly Data Privacy Officer is on the phone

Someone claims to sell PI data you hold

There is data in the deep web

It may be your data!

He hangs up! What’s next?

Your incident investigation plan kicks in

Coordination: DPO, IT, PR/Media Team, Legal, (CEO)

Emergency call

Emergency chatroom

The fire alarm button is pulled down

T- 72h

Internal Leak

External Leak

Incident commander

T- 70h

“We need to investigate!!!”

Reaching out to your security operations team

T- 65h

People and Processes

T- 60h

Where is that data stored in your environment?

T- 55h

First Action

Is data still leaking?

T- 45h

How will you watch them?

T- 40h

Nice, structured, tidy data

T- 39h

Diving deep into the digital infrastructure

T- 35h

Machine data: time series, in motion, unstructured

T- 34h

It can be big data…

T- 33h

… it is lazy

T- 32h

… and it is hard to understand…

T- 30h

Take response actions to stop data leakage

T- 20h

Understand

T- 15h

How much data will be needed for this?

Who processed your information?

T- 10h

Which users or systems were involved?

T- 8h

You know what you know

You know what you don’t know

Painting the picture

T- 5h

Maybe resulting in a non-event?

Does the breach put data subjects at risk?

Do individuals need to be informed additionally?

How sensitive was the data?

As an organization you want to control the story before chatter explodes

• Inform Authority

• Inform affected Individuals

• (Inform Public)

T- 0h

Worst Practice:

German Bundestag

"The Trojans are still active," confirmed SPIEGEL ONLINE. According to data from several sources familiar with the case, Bundestag data from the "Parliament" network continue to flow in an unknown direction.

Best Practice:

ABTA Breach

2+ weeks later out of the news

Example

ABTA Breach

Someone knocks on your door

T+ 1 Week

Have you deployed “countermeasures appropriate to the risk”?

Have you used “state of the art” best practices?

Data Privacy Audits

T+ 1 Week

Massive Fines

T+ 1 Week

What did you know?

When did you know?

How did you know about it?

Prove

T+ 2 Weeks

Logs become your digital fingerprints

Why Splunk?

Splunk can help

What GDPR use cases does Splunk help solve?

• Prove GDPR security controls are enforced

• Splunk helps to detect, prevent and investigate breaches

• Search and report on personal data processing

Breach Investigation Notification: 72 Hours

Three use cases that bring different people onto the same level, speaking the same language. Each includes:

▶ Real World Scenario (IT-Manager)

▶ Relevant GDPR Articles and what they mean (Data Privacy Officer)

▶ How machine data helps (Splunk Champion)

Whitepaper: How machine data helps with GDPR

https://www.splunk.com/en_us/form/white-paper-how-machine-data-supports-gdpr-compliance.html

https://www.splunk.com/de_de/form/wie-maschinendaten-die-eu-dsgvo.html

https://www.splunk.com/fr_fr/form/les-donnees-machine-facilitent-la-conformite-au-rgpd.html

Splunk Support for the GDPR Journey

How to use Machine Data for GDPR: Whitepaper outlining how machine data can support GDPR

Splunk Data Obfuscation: How to protect data using anonymisation, pseudonymisation & encryption in Splunk

.conf Session – Angelo Brancato and Dirk Nitschke

Splunk GDPR Support

GDPR Workshop: Map analytics capabilities to GDPR security monitoring & reporting needs

How to handle log data in your SIEM under GDPR: FAQs answered by Freddy Dezeure, former Head of CERT-EU

.conf Session
