Our software fully supports the GDPR process with Regulation (EU) 2016/679 articles built in, providing the DPO with a ready-made suite of tools to model business processes, define what sensitive data exists and where it is, and perform multi-phase Data Privacy Impact Assessments. Click here to read more
Proteus®GRCyber™ helps organisations protect against cyber threats. It prepares you from inside, verifies from outside and discovers attacks. It speaks your language at all levels, from lowly network up to board level, giving you both confidence and risk information aligned to your business objectives.
Are you ready for it? The regulation comes into force in May 2018 and it’s going to be huge to borrow a trumped up term. The Regulation will increase the complexity of cyber security greatly. It’s a European Regulation, therefore legally binding, and will apply to most organisations worldwide that hold any personal data on any EU citizen. Brexit doesn’t change anything – we already know that the UK Government will implement the regulation. If you control or process data that includes the personal information of any EU citizen, then the regulation is likely to apply to your organisation. The exceptions are where organisations have an exemption – these apply in state security scenarios rather than for business size or purpose reasons. Outsourcing a process does not absolve you of responsibility for data you control.Is GDPR the same as the Data Protection Act?
No. This is a considerable step up. The DPA was introduced before we had social media or digital business, and at a time when hacking was a computer geek’s hobby rather than a cyber criminal’s occupation. The term ‘identity theft’ didn’t exist and we didn’t live our lives online. GDPR goes well beyond data protection controls. It places data protection obligations on organisations supported by severe fines for failure (up to the greater of €20m or 4% of turnover) and mandatory data breach reporting. It gives consumers greater control over their data, including the right to correct it, to have it deleted or to withdraw consents previously given, all within relatively short timescales.Will it be a problem for me?
This is quite possibly the biggest legislative change in any of our careers. Therefore, we would urge you to begin this process now.
Most organisations with 250+ staff will need to appoint a Data Protection Officer.
In order to meet the timelines of the regulation we would suggest early appointment of your DPO is critical so they can
coordinate the overall plan of action.
The larger and more diverse the organisation, the more complex and challenging this activity becomes.
And because risk is at the heart of the regulation (the standard mentions risk some 75 times) we believe that it is best managed by your risk management system.
Proteus®GDPReady™ helps organisations become and remain compliant with the regulations, providing a roadmap for compliance with recommendations for immediate action.
Proteus software is provided on a SaaS (Software As A Service) basis. Enterprise versions can be hosted in the Cloud or on-premises, as required. Basic and SME versions are hosted in the Cloud on secure servers within the EU. All versions are ‘upward’ upgradable.
Proteus®GDPReady+ is an optional addition to Proteus®GDPReady and consists of a third party product, the data listener, which has been intergrated integrated with Proteus®GDPReady™. This additional capability allows the organisation to respond to data subject access requests. A core requirement of GDPR is the individual’s right to see their data, to correct it, to pass it to another supplier, to be forgotten, etc, and it the Personal Data Listener that collects this information irrespective of the systems and applications on which it resides. Many organisations find that this is a major challenge in their desire to become GDPR compliant and are considering modifying their applications or introducing another data warehouse. Proteus®GDPReady+™ is a more effective and almost certainly much more cost effective solution.
Harness your existing security infrastructure into a single, integrated, web based, multi-agent cyber protection system.
Audit anything, unify your security systems, report on anything & match risk to business outcomes
Clients can choose from many international standard templates or author their own. Audits can be internal or external, ensuring that you, your suppliers and your vendors comply with best international practice.
Assessing risk is a key part of any security program. Uniquely, Proteus®GRCyber™ can assess threats by their operational, financial or regulatory impact and assign countermeasures to mitigate these threats. Likewise you can assess Confidentially, Integrity and Availability values.
By modelling your business processes, you understand how they relate to each other and interact with the underlying infrastructure and regulatory controls. With this approach you can better understand the financial, regulatory and operational impact of threats that arise within your business.
Good security can only be achieved by creating a security culture within your staff. According to Gartner 70% of breaches can be traced back to bad practice. Proteus®GRCyber™ integrates online security courses to provide focussed security training where and when it’s needed.
For every business process critical to your business you need an effective continuity plan. Proteus®GRCyber™ provides a simple process that can assess the effectiveness of your failover plans.
Visualising how a threat or breach affects the business is key to reacting in a timely fashion and may reduce fines and reputational damage. Riskview2™ allows you to view these relationships clearly and quickly, empowering you to make faster, better decisions.
Some staff may not be suited to the positions they hold. Staff profiling helps avoid these pitfalls up front, reducing the likelihood of malicious behaviour.
Proteus®Analytics™ actively searches the Dark Web, Threat Intelligence feeds as well as news and social media to monitor for chatter about impending attacks. ‘Forewarned is forearmed’ allowing you to prepare better for an anticipated attack.
NTSS collects every IP record your network produces and reconstructs them back into application logic independently of the applications that created them. This traffic can be monitored for unexpected behaviours and network activity (eg unauthorised devices).
Securing the business as best you can on the inside is important, as is rigorously testing this security. Employing the best white hackers and products ensures you’re first to know about a security weakness or vulnerability and can fix it before anyone else finds it.
A large percentage of breaches are due to poor patch management and could have been detected by examining the SIEM logs. Proteus®GRCyber™ collects, searches and alerts on these logs and scopes the impact before the breach occurs.
When an incident occurs, a quick and effective response is essential. With Proteus®GRCyber™
you can quickly track incidents, create projects and teams, allocate tasks and attach critical information (eg. emails and documents)
in order to neutralise the threat.
*NTSS requiresbased on the clients requirements for retention period and performance
Properly implemented, Proteus®GRCyber™ can protect you from 99% of the cyber threats you may face
Proteus-Cyber conceived the iGRC concept and secured major UK Government funding to extend their Proteus®GRCyber™ enterprise governance, risk and compliance
application into a single, integrated, web based, multi-agent cyber protection system.
CSO's can now secure their assets via this single, real time cyber protection system that takes the best of all the many innovative, cutting edge network agents and sensors, and harnesses them to counter the myriad of opportunities that cyber criminals now have at their disposal.
Proteus-Cyber's products and services can help you:
ISO 27001:2013, PCI DSS v3, Cobit V5, BS2599, Cyber Essentials, ITIL, ISO 20000, ISO 22301, Data Protection, HIPPA, plus many others
Proteus®GRCyber™ can be installed in a matter of days. Training is typically 5 days and clients can perform their first compliance audits within weeks.
We provide all the reports your auditor would expect as standard. In addition we deliver the Proteus®GRCyber™ report and dashboard designer, which allows clients to create their own reports with an easy to use drag and drop interface.
Proteus®GRCyber™ is enterprise scalable, for example one of our customers implemented over 1,000 sites across 170 countries. Another has 57,000 staff spread across 25 countries.
A recent PWC report states "70% of security breaches can be traced back to staff with a poor understanding of security policies. Proteus®GRCyber' integrated eLearning package can educate your staff with focussed security awareness training.
Here's the latest security news from around the internet
A perfect storm! Details and lessons learnt from the #cyberattack that hit Parliament https://t.co/BE5l52FP4R
MEP's push for stronger #dataprotection by EU Institutions https://t.co/WkzdyceOAu
FT30 firms at risk from #Equifax style #breach as research finds they're running vulnerable servers https://t.co/0NrXDXso28
What is #GDPR? Contact us now to find out how we can help get your business #GDPReady @Proteus_Cyber https://t.co/qN5jzqsocq
Ahead of #GDPR even minor breaches are now being reported, with Homes and Communities Agency #breach reported to ICO https://t.co/AXXBYsxfMa
#PwC say UK organizations are unprepared for #cyberattacks and lack visibility into #cyberthreats https://t.co/nZ9yU0lYYv
London is calling on the #CyberSecurity community to help keep the city’s businesses safe from #cybercrime https://t.co/2zFOaL0OQq
NHS Digital head of security talks security landscape in the NHS and how the #NHS #WannaCry attack unfolded https://t.co/laUy3mubk2
Pizza Hut customers wait 2 weeks to learn of #databreach, despite company taking swift action to halt the #breach https://t.co/O6860dbPpA
All devices connected to the internet could fall victim to hackers exploiting a security flaw called #KRACK https://t.co/Vem5OeomA3
UK and Canada sign #digital Government Memorandum of Understanding https://t.co/8nRAuLHv6Q
North Korea targets US Power Grid #CyberAttack #spearphishing https://t.co/K2NUYhDMjP
Proteus-Cyber Ltd, specialists in Integrated Risk Management software, are excited to release Proteus®GDPReady™. They believe this to be the first GDPR software toolkit on the market that fully supports the GDPR process and helps DPOs to get and keep their organisations GDPR compliant.Link to article
Proteus®GRCyber™ is the most comprehensive integrated Governance, Risk and Compliance product on the market.
Proteus®GRCyber™ allows you to integrate your existing cyber security systems into a single, integrated, web based, multi-agent cyber protection system. With this capability you can systematically and regularly test each and every control applicable to your business.
We collect every IP packet your network produces. With this information we can build a network chart of your infrastructure and highlight insecure or unmanaged assets. Additionally, you can use our relationship browser to view the modelling of business processes to assets, controls, documentation and incidents.
In the multi-user versions of our product you can link to your active directory and delegate controls around the organisation so that each control is answered by the person responsible for it. This process is more time efficient and accurate in collecting responses, policies and procedures.
You can author your own standards into our compliance engine. These can be bespoke standards or your implementation of an international standard. Furthermore, you can model the relationships between your controls and your ISMS.
Please contact one of our country partners to find out more about or to purchase Proteus®GRCyber™
Dr. Henk Jan Jansen, TEL: +49 (0)157 72143686
With many years of experience in the business, our team knows how to support our customers
Chris is the Sales Director, founding partner and owner of Proteus-Cyber Ltd. Passionate about customer satisfaction, Chris would like to discuss with you how Proteus®GRCyber™ could help your business become secure and more profitable.
John is the Managing Director, founding partner and owner of Proteus-Cyber Ltd. He is an expert in encryption and security systems with over 25 years’ experience architecting specialist IT systems.
Craig is the Proteus®GRCyber™ software architect, founding partner and owner. His knowledge of cross-platform architectures and large scale web-based applications has particular relevance to the Proteus®GRCyber™ development program he has led.
Proteus-Cyber is passionate about helping companies use their existing infrastructure in conjunction with Proteus®GRCyber™ to create a single, integrated, web based, multi-agent cyber protection system to secure their businesses in the current climate of insecurity.
firstname.lastname@example.org or follow us on social platform
© 2017 Proteus-Cyber Ltd.