Automate your GDPR response when hit by Ransomware

According to the GDPR regulations: “If its likely that there will be a risk, then you must notify the local GDPR Supervisory Authority (SA); if its unlikely then you don’t have to report it. However, if you decide you don’t need to report the breach, you need to be able to justify this decision so you should document it!”

Ransomware is an obvious tool of choice for cyber criminals, encrypting files on different shares and folders spread across the network, making GDPR reporting a challenge. Time pressure is now a serious issue, not only from the cyber criminals – but now you also only have 72 hours to comply with GDPR.


Records of the exact time of the attack (beginning to end)


Where the attack was initiated (which endpoint)


Exactly which files have been affected


Who the file owner is


Details of how and when the breach was stopped


Generates an incident report to key stakeholders

With GDPR, it is either a minor incident or a major breach

If you have a breach and have RC in place, it will mostly be a minor incident, but you still need to document your findings. RC provides a fully automated process for internal audit and for major breaches.

“A personal data breach can be broadly defined as a security incident that has affected the confidentiality, integrity or availability of personal data. In short there will be a personal data breach whenever any personal data is lost, destroyed, corrupted or disclosed; if someone accesses the data or passes it on without proper authorisation; or if the data is made unavailable, e.g., when it has been encrypted by ransomware, or accidentally lost or destroyed.”

With RC’s immediate response, most incidents will be considered minor, as only a few files will be compromised before a forced shut down. Customized GDPR reporting ensures you are compliant.