SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
LogRhythm launches GDPR compliance module as deadline draws near
Fri, 19th Jan 2018
FYI, this story is more than a year old

LogRhythm has taken the plunge into the pre-GDPR market as businesses worldwide prepare their compliance strategies.

The General Data Protection Regulations protect the European Union and its citizens and will come into effect on May 25.

Any businesses that collects and processes personal data of any EU citizen must comply with the regulations. Non-compliance may result in fines of up to €20 million or 4% of a company's annual global annual revenue – whichever is the greater sum.

If an organisation offers goods or services, maintains offices or operates a website in the EU, it is likely that GDPR regulations apply, the company says.

“Given the breadth of the GDPR, no single solution provides automatic compliance with all aspects of the regulation. In fact, there are more people and process requirements to the regulation than technology,” explains LogRhythm CISO James Carder.

According to Gartner statistics, less than 50% of organisations that are affected by GDPR will be fully compliant with the regulation – even after it comes into effect.

LogRhythm has created a fully-integrated security solution that achieves and validates GDPR compliance.

“It's clear that LogRhythm has put in significant time and effort to actually address GDPR,” comments UK SBS information security analyst Chris Kruk.

The company's General Data Protection Compliance Module is designed with a pre-built suite of rules, alerts and reports mapped to GDPR articles.

  “The LogRhythm GDPR Compliance Module offers a simplified approach towards meeting this new regulation by providing a fundamental security framework designed to help organizations address the technology requirements of the GDPR. This framework helps organizations reduce risk, avoid fines and preserve their ability to conduct business in and with the EU,” Carder continues.

LogRhythm claims its solution is the ‘first on the market' that integrates compliance with tech-focused GDPR articles.

The module includes capabilities including GeoIP configurations, a machine data intelligence fabric, an AI engine and risk-based prioritisation.

“The new investigation templates and other components dedicated to GDPR are very useful, and the GDPR reports provide a very good overview of the requirements of GDPR, Kruk continues.

LogRhythm also says its Compliance Module is available free to all LogRhythm customers, as are all of its other modules.

“Organisations implementing the module can realize immediate benefits, thanks to the suite of pre-built content that delivers a more efficient and effective solution over manual processes and other technologies,” the company explains.