Security Information & Event Management Blog | SIEM

The GDPR Aftermath: Lack of Real-Time Security Alerts from Your Mainframe Could Cost Your Organization Unforeseen Millions

The GDPR is in full effect and the first disclosure of a major breach subject to the regulation has happened. The Ticketmaster breach which affected British and international customers compromised the Personal Identifiable Information or PII of 40,000 people. Data stolen included name, email address, physical address, telephone number, Ticketmaster logins, and payment card details. If the EU levies the fine applicable to pre-GDPR rules, the fine is only 500,000 GBP. If they apply the GDPR fine structure, the fine will be 17,000,000 GBP. This is surely a major case to watch!

The breach occurred over about a four-month time frame and this is not unusual given the average time to discover data breach in 2017 was 197 days.[1] This is a high-profile case to watch and is big IT data compliance news. While U.S. companies may still be doubting the pertinence of the GDPR to their U.S. businesses, other data compliance laws that hit closer to home are coming. California has passed a data privacy law that will go into effect in 2020, and North Carolina has proposed a bill to legislation for a similar law.

Download CorreLog's Whitepaper: "Impact from the New  GDPR: The Countdown to May 2018 has Begun."

The California law allows consumers the right to know what information companies are collecting about them, why they are collecting it, and who they are sharing it to. It gives customers the right to tell companies to delete their information and makes it more difficult to share or sell data on children younger than 16. The law also makes it easier for consumers to sue companies after a data breach and gives the state’s attorney general more authority to fine companies that don’t adhere to the new regulations.[2]

The North Carolina-proposed bill isn’t much different with lawmakers wanting to require notification within 15 days of discovery of the breach, a bit more lenient timeline than the GDPR, which requires a 72-hour notification. The GDPR has an extremely tight timeline, especially considering the Ticketmaster breach may have been kept a secret for about two months[3] and we will undoubtedly see breaches spanning pre- and post-compliance law dates, creating a lot of marketplace chaos. While we wait to find out the ramifications of the Ticketmaster UK breach, your organization must understand the nature of data access in real time anytime, and you must have this real-time InfoSec data from all systems. Since your mainframe holds the most valuable PII, this is a high-risk target for your organization.

CorreLog monitors malicious activity on your mainframe in real time with facilities you already have utilizing agent-based software code that resides in one (or more) LPARs and that tracks IBM RACF, CA ACF2 & TSS, Db2 & IMS, FTP, TCP/IP, IND$FILE, BMC, Compuware, Micro Focus, Syslog events, and more.

For those of you unsure of your organization’s capabilities for real-time, enterprise-wide visibility to user activity, privileged or otherwise, click here to download CorreLog’s whitepaper designed as an educational tool with some best-practices for helping your organization manage GDPR compliance.

CorreLog can be a valuable resource for a single repository of event log data across all systems, mainframe and distributed, with the real-time visibility so you can mitigate any trouble the GDPR may bring. But best-practice SIEM means having the ability to see anomalous behavior as it happens, and most importantly, the ability to alert appropriate security personnel and systems on the fly for any perceived threat. This visibility is a must from your mainframe!

Read more about living with the GDPR in CorreLog's GDPR whitepaper found here.


[1] IBM/Ponemon Institute “2018 Cost of Data Breach Study




0 replies