GDPR Advisory #3: Conducting GDPR Security Risk Assessments
Knowing – and managing – who has what access when to what helps reveal potential sources of risk.
GDPR Article 35 requires the controller to conduct a data protection impact assessment prior to the processing of personal data. This means that you need to know who has access to personal data and what privileges and possible vulnerabilities or risks of unauthorized access are at every stage of personal data processing. This includes access by third party processors and vendors.
In this webinar, you will learn how CyberArk’s Red Team:
- Discovers privileged user and application accounts across the enterprise
- Understand how easy or difficult it would be for an external attacker could use 3rd party access and identify various critical pathways
- Conducts impact assessments to help you understand your areas of privileged access vulnerability