GDPR vs. Existing Frameworks: Overlaps, Differences, and Filling the Gaps

Introduction

— by Pat Cable, Senior Infrastructure Security Engineer, Threat Stack

From time to time Threat Stack invites industry experts to share our blog space, and in today’s post, Chris Lippert, Privacy Technical Lead at Schellman & Company, LLC., takes a look at the General Data Protection Regulation (GDPR), a topic that is on everyone’s mind, whether they’re prepared for it or not.

In this post, Chris explores what’s unique about the GDPR, how it overlaps with existing frameworks including ISO/IEC 27000, NIST, and PCI, and points to how you can leverage your current controls to meet many of the security considerations for personal data under Article 32, as well as other requirements of the GDPR, such as data protection policies or vendor management.

Without further ado, here are Chris’ insights into GDPR. Read more “GDPR vs. Existing Frameworks: Overlaps, Differences, and Filling the Gaps”