GDPR – General Data Protection Regulation

The European Union (E.U.) Regulation 2016/679 GDPR (General Data Protection Regulation) became enforceable on May 25, 2018. Any organization which holds E.U. citizen data, regardless of the organization's location, is responsible for following these new guidelines.

About GDPR


The GDPR aims primarily to give control back to citizens and residents over their personal data while standardizing the regulatory environment of international business.

GDPR compliance effects any organization that collects, processes, and/or stores any E.U. citizen's information. According to GDPR:

  • Personal data should not be used without consent
  • Organizations are accountable for E.U. citizen data and who can access it (including third-party vendors)
  • Citizens have the right to update their data or request its deletion
  • Fast notification of breaches is mandatory

Fines are imposed if an organization fails to manage the data privacy appropriately.

CIS has released a white paper that explains more about the GDPR regulation and will help you understand how best practices can help your organization be more compliant and secure.

Download the CIS GDPR White Paper

GDPR Compliance

Every organization that handles E.U. citizen data is responsible for implementing appropriate technical and organizational measures to ensure and be able to demonstrate that processing is performed in accordance with the regulation. CIS offers best practices and cybersecurity solutions to help organizations on the path to GDPR compliance.

CIS SecureSuite®

A strong starting point is to utilize a CIS SecureSuite Membership, which includes access to tools such as CIS-CAT Pro and remediation kits, to assess and harden systems. “Hardening” is the process of limiting vulnerabilities in a system to reduce cyber threats.
Arrow Learn About CIS-SecureSuite Membership

CIS Hardened Images

CIS Hardened Images conform to the applicable security standards of the CIS BenchmarksTM, bringing on-demand security to cloud computing environments.
Arrow View Available CIS Hardened Images

CIS ControlsTM

The CIS Controls can serve both as a measurement process to encourage compliance as well as for implementing a security control framework within your organization. In many cases, the entire CIS Controls can be applicable to implement a structured and measured approach to compliance and security for the organization.
Arrow Download the CIS Controls


View our webinar:

Our CISO talked about GDPR and best practices and cybersecurity solutions to help organizations on the path to compliance.

Arrow View Webinar