Problem

A Fortune 500 multinational consumer organization was presented with the challenge of balancing automation of an extended global supply chain against the need to adequately protect sensitive customer data spread across markets with complex legal considerations. Compliance with the European Union General Data Protection Regulation (GDPR) by the mandated implementation date became a priority due to the potential for significant fines and penalties for non-compliant data controllers and processors, but these efforts had to be weighed against the risks and impacts to core business functions.

SOLUTION

The corporation engaged Fortress Information Security to assess its complex third party data management programs and provide actionable recommendations to identify privacy risks and support mitigation efforts. Fortress deployed information security and privacy subject matter experts to evaluate the readiness of the company’s portfolio of third party relationships and developed a plan of action with key stakeholders to meet the regulatory compliance requirements established by the GDPR.

OUTCOMES

  • Utilized Fortress Guardian scanning and threat management solution to identify vulnerabilities in the company’s network of third party information systems and implemented our Data Driven Risk Rank methodology to guide data security assessment activities for enterprise critical relationships.
  • Created a summary report of assessment findings detailing GDPR compliance requirements and preparedness efforts undertaken by the institution and its third parties to address the identified issues. The snapshot of current policies and procedures offered invaluable executive visibility over the gaps between the existing state of the program and the required provisions necessary to comply with the data protection legislation.
  • Provided recommendations detailing critical success factors which not only met the minimum requirements established by the regulations to avoid fines and penalties, but also laid the foundation for a more robust data security program which promoted industry best practices for the management of sensitive customer data in an increasingly hostile threat environment.
  • Fortress completed a rapid but thorough review of the data management and privacy risks which allowed the client to prioritize mitigation efforts and ensure compliance with the new regulations ahead of the mandated implementation date.

Connect with us

 

Talk with Fortress today about how to manage risk and get better performance and compliance across your enterprise! Set up an appointment to speak with a representative.

 

189 S Orange Ave #1950, Orlando, FL 32801

407.573.6800

sales@fortressinfosec.com


View More Resources Here

Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 1
Utilities
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 2
Transportation
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 3
Healthcare
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 4
Finance
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 5
Energy
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 6
Additional Industries
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 7

Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 8 Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 9 Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy 10

189 S Orange Ave #1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com

COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

PRESS RELEASE

FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS

Emerging Risk Brief

ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

Advisory

5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

White Paper

CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

Advisory

5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

WHITE PAPER

NERC CIP COMPLIANCE

Subscribe to Fortress Newsletter

For breach reports, threat intelligence, regulatory
updates, cyber security news alerts and more,
sign up to receive the Fortress Newsletter.

Threat Advisory

Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

WEBINAR DOCUMENT

NERC CIP SUPPLY CHAIN SECURITY STANDARDS