Our software fully supports the GDPR process with Regulation (EU) 2016/679 articles built in, providing the DPO with a ready-made suite of tools to model business processes, define what sensitive data exists and where it is, and perform multi-phase Data Privacy Impact Assessments. Click here to read more
Proteus®GRCyber™ helps organisations protect against cyber threats. It prepares you from inside, verifies from outside and discovers attacks. It speaks your language at all levels, from lowly network up to board level, giving you both confidence and risk information aligned to your business objectives.
Are you ready for it? The regulation comes into force in May 2018 and it’s going to be huge to borrow a trumped up term. The Regulation will increase the complexity of cyber security greatly. It’s a European Regulation, therefore legally binding, and will apply to most organisations worldwide that hold any personal data on any EU citizen. Brexit doesn’t change anything – we already know that the UK Government will implement the regulation. If you control or process data that includes the personal information of any EU citizen, then the regulation is likely to apply to your organisation. The exceptions are where organisations have an exemption – these apply in state security scenarios rather than for business size or purpose reasons. Outsourcing a process does not absolve you of responsibility for data you control.Is GDPR the same as the Data Protection Act?
No. This is a considerable step up. The DPA was introduced before we had social media or digital business, and at a time when hacking was a computer geek’s hobby rather than a cyber criminal’s occupation. The term ‘identity theft’ didn’t exist and we didn’t live our lives online. GDPR goes well beyond data protection controls. It places data protection obligations on organisations supported by severe fines for failure (up to the greater of €20m or 4% of turnover) and mandatory data breach reporting. It gives consumers greater control over their data, including the right to correct it, to have it deleted or to withdraw consents previously given, all within relatively short timescales.Will it be a problem for me?
This is quite possibly the biggest legislative change in any of our careers. Therefore, we would urge you to begin this process now.
Most organisations with 250+ staff will need to appoint a Data Protection Officer.
In order to meet the timelines of the regulation we would suggest early appointment of your DPO is critical so they can
coordinate the overall plan of action.
The larger and more diverse the organisation, the more complex and challenging this activity becomes.
And because risk is at the heart of the regulation (the standard mentions risk some 75 times) we believe that it is best managed by your risk management system.
Proteus®GDPReady™ helps organisations become and remain compliant with the regulations, providing a roadmap for compliance with recommendations for immediate action.
Proteus software is provided on a SaaS (Software As A Service) basis. Enterprise versions can be hosted in the Cloud or on-premises, as required. Basic and SME versions are hosted in the Cloud on secure servers within the EU. All versions are ‘upward’ upgradable.
Proteus®GDPReady+ is an optional addition to Proteus®GDPReady and consists of a third party product, the data listener, which has been intergrated integrated with Proteus®GDPReady™. This additional capability allows the organisation to respond to data subject access requests. A core requirement of GDPR is the individual’s right to see their data, to correct it, to pass it to another supplier, to be forgotten, etc, and it the Personal Data Listener that collects this information irrespective of the systems and applications on which it resides. Many organisations find that this is a major challenge in their desire to become GDPR compliant and are considering modifying their applications or introducing another data warehouse. Proteus®GDPReady+™ is a more effective and almost certainly much more cost effective solution.
Harness your existing security infrastructure into a single, integrated, web based, multi-agent cyber protection system.
Audit anything, unify your security systems, report on anything & match risk to business outcomes
Clients can choose from many international standard templates or author their own. Audits can be internal or external, ensuring that you, your suppliers and your vendors comply with best international practice.
Assessing risk is a key part of any security program. Uniquely, Proteus®GRCyber™ can assess threats by their operational, financial or regulatory impact and assign countermeasures to mitigate these threats. Likewise you can assess Confidentially, Integrity and Availability values.
By modelling your business processes, you understand how they relate to each other and interact with the underlying infrastructure and regulatory controls. With this approach you can better understand the financial, regulatory and operational impact of threats that arise within your business.
Good security can only be achieved by creating a security culture within your staff. According to Gartner 70% of breaches can be traced back to bad practice. Proteus®GRCyber™ integrates online security courses to provide focussed security training where and when it’s needed.
For every business process critical to your business you need an effective continuity plan. Proteus®GRCyber™ provides a simple process that can assess the effectiveness of your failover plans.
Visualising how a threat or breach affects the business is key to reacting in a timely fashion and may reduce fines and reputational damage. Riskview2™ allows you to view these relationships clearly and quickly, empowering you to make faster, better decisions.
Some staff may not be suited to the positions they hold. Staff profiling helps avoid these pitfalls up front, reducing the likelihood of malicious behaviour.
Proteus®Analytics™ actively searches the Dark Web, Threat Intelligence feeds as well as news and social media to monitor for chatter about impending attacks. ‘Forewarned is forearmed’ allowing you to prepare better for an anticipated attack.
NTSS collects every IP record your network produces and reconstructs them back into application logic independently of the applications that created them. This traffic can be monitored for unexpected behaviours and network activity (eg unauthorised devices).
Securing the business as best you can on the inside is important, as is rigorously testing this security. Employing the best white hackers and products ensures you’re first to know about a security weakness or vulnerability and can fix it before anyone else finds it.
A large percentage of breaches are due to poor patch management and could have been detected by examining the SIEM logs. Proteus®GRCyber™ collects, searches and alerts on these logs and scopes the impact before the breach occurs.
When an incident occurs, a quick and effective response is essential. With Proteus®GRCyber™
you can quickly track incidents, create projects and teams, allocate tasks and attach critical information (eg. emails and documents)
in order to neutralise the threat.
*NTSS requiresbased on the clients requirements for retention period and performance
Properly implemented, Proteus®GRCyber™ can protect you from 99% of the cyber threats you may face
Proteus-Cyber conceived the iGRC concept and secured major UK Government funding to extend their Proteus®GRCyber™ enterprise governance, risk and compliance
application into a single, integrated, web based, multi-agent cyber protection system.
CSO's can now secure their assets via this single, real time cyber protection system that takes the best of all the many innovative, cutting edge network agents and sensors, and harnesses them to counter the myriad of opportunities that cyber criminals now have at their disposal.
Proteus-Cyber's products and services can help you:
ISO 27001:2013, PCI DSS v3, Cobit V5, BS2599, Cyber Essentials, ITIL, ISO 20000, ISO 22301, Data Protection, HIPPA, plus many others
Proteus®GRCyber™ can be installed in a matter of days. Training is typically 5 days and clients can perform their first compliance audits within weeks.
We provide all the reports your auditor would expect as standard. In addition we deliver the Proteus®GRCyber™ report and dashboard designer, which allows clients to create their own reports with an easy to use drag and drop interface.
Proteus®GRCyber™ is enterprise scalable, for example one of our customers implemented over 1,000 sites across 170 countries. Another has 57,000 staff spread across 25 countries.
A recent PWC report states "70% of security breaches can be traced back to staff with a poor understanding of security policies. Proteus®GRCyber' integrated eLearning package can educate your staff with focussed security awareness training.
Here's the latest security news from around the internet
#CBR Online #GDPR checklist: New survey shows 3/4 of respondents say government explanations inadequate. @Proteus_Cyber we can get you #GDPReady quickly and efficiently. Contact us now https://t.co/EoV3nmfnIB for a demo and more info. https://t.co/n0dEPuXox5
Public sector organisations are ill prepared for #GDPR, taking significantly longer than stipulated by the #GDPR to respond to requests from individuals about the information held about them. Get #GDPReady now with @Proteus_Cyber https://t.co/EoV3nmfnIB https://t.co/xn6DlmMxap
The Investigatory Powers Tribunal has claimed the Government unlawfully delegated powers to GCHQ to order phone and internet companies to hand over sensitive data on the public. #datasecurity #infosec https://t.co/JspGRx802e
The UK is leading global improvements in #security maturity https://t.co/0RjSUBfDj0
#Yahoo agrees $80mn securities class action settlement relating to #databreaches affeting 3 billion customers https://t.co/Hqpt8M3ufV
Healthcare #cyberattacks have doubled in the last year as #cybercriminals are becoming more clever with attacks. #cybersecurity #datasecurity #healthcare #security https://t.co/C28Tkv5zdp
#ICO has launched a new #GDPR awareness campaign aimed at micro-businesses. Get #GDPReady now with @Proteus_Cyber #datasecurity #GDPRcompliance https://t.co/T55NsUZsiW
LinkedIn has updated its terms of service and will become #compliant with the #GDPR in May. Contact @Proteus_Cyber now to get your business #GDPR compliant. Our comprehensive s/w tool with personal data listener will get your business #GDPReady quickly https://t.co/dml3A3zQj6
Over 350,000 Florida Virtual School students have been hit by an almost 2 year #databreach, with over 2,000 teachers also affected. The information leaked could be used for identity theft as well as follow-on #phishing and other social engineering attacks. https://t.co/OTYvQ16Nku
#AppleMac computers are traditionally considered to be less vulnerable to cyber attacks, but malware targeting their operating systems is on the rise, with attacks more than doubling in 2017. #cybersecurity #datasecurity https://t.co/r0Bp4Jwdns
A recent survey suggests most IT decision makers are critical of the Government for failing to educate organisations about #GDPR and its implications. Contact us now to get your business #GDPReady with our comprehensive s/w tool @Proteus_Cyber https://t.co/17RPHQNxbd
Proteus-Cyber Ltd, specialists in Integrated Risk Management software, are excited to release Proteus®GDPReady™. They believe this to be the first GDPR software toolkit on the market that fully supports the GDPR process and helps DPOs to get and keep their organisations GDPR compliant.Link to article
Proteus®GRCyber™ is the most comprehensive integrated Governance, Risk and Compliance product on the market.
Proteus®GRCyber™ allows you to integrate your existing cyber security systems into a single, integrated, web based, multi-agent cyber protection system. With this capability you can systematically and regularly test each and every control applicable to your business.
We collect every IP packet your network produces. With this information we can build a network chart of your infrastructure and highlight insecure or unmanaged assets. Additionally, you can use our relationship browser to view the modelling of business processes to assets, controls, documentation and incidents.
In the multi-user versions of our product you can link to your active directory and delegate controls around the organisation so that each control is answered by the person responsible for it. This process is more time efficient and accurate in collecting responses, policies and procedures.
You can author your own standards into our compliance engine. These can be bespoke standards or your implementation of an international standard. Furthermore, you can model the relationships between your controls and your ISMS.
Please contact one of our country partners to find out more about or to purchase Proteus®GRCyber™
Dr. Henk Jan Jansen, TEL: +49 (0)157 72143686
With many years of experience in the business, our team knows how to support our customers
Chris is the Sales Director, founding partner and owner of Proteus-Cyber Ltd. Passionate about customer satisfaction, Chris would like to discuss with you how Proteus®GRCyber™ could help your business become secure and more profitable.
John is the Managing Director, founding partner and owner of Proteus-Cyber Ltd. He is an expert in encryption and security systems with over 25 years’ experience architecting specialist IT systems.
Craig is the Proteus®GRCyber™ software architect, founding partner and owner. His knowledge of cross-platform architectures and large scale web-based applications has particular relevance to the Proteus®GRCyber™ development program he has led.
Proteus-Cyber is passionate about helping companies use their existing infrastructure in conjunction with Proteus®GRCyber™ to create a single, integrated, web based, multi-agent cyber protection system to secure their businesses in the current climate of insecurity.
firstname.lastname@example.org or follow us on social platform
© 2017 Proteus-Cyber Ltd.