breach-detection-system
Implementing Breach Detection System
Overview
Effective breach detection is the prerequisite for timely Art. 33 notification. The GDPR does not prescribe specific detection technologies, but Art. 32 requires appropriate technical and organisational measures, and Art. 33(1) creates a de facto obligation to detect breaches promptly — a controller cannot notify within 72 hours if it takes months to discover a breach. This skill covers the technical architecture for personal data breach detection, including SIEM integration, DLP alerting, behavioral analytics, and insider threat monitoring.
Breach Classification Taxonomy
Level 1: CIA Triad Classification
| Type | Definition | Detection Method |
|---|---|---|
| Confidentiality | Unauthorized disclosure or access to personal data | DLP alerts, access log anomalies, data exfiltration detection |
| Integrity | Unauthorized modification of personal data | File integrity monitoring, database audit logs, checksum validation |
| Availability | Loss of access to or destruction of personal data | System health monitoring, backup verification, ransomware detection |
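
An added example (not part of the original skill) of how alerts from the detection methods in the table above can be grouped per incident, tagged with their breach type, and given a 72-hour notification deadline. The alert schema, source labels and sample alerts are constructed, and starting the clock at the earliest alert is a conservative assumption, since the window legally runs from when the controller becomes aware.

```python
from datetime import datetime, timedelta

# Detection source -> breach type, following the Level 1 table above.
# The source labels themselves are hypothetical alert names.
SOURCE_TYPE = {
    "dlp": "Confidentiality", "access_anomaly": "Confidentiality",
    "exfiltration": "Confidentiality",
    "fim": "Integrity", "db_audit": "Integrity", "checksum": "Integrity",
    "system_health": "Availability", "backup_verify": "Availability",
    "ransomware": "Availability",
}
NOTIFY_WINDOW = timedelta(hours=72)  # Art. 33(1) notification window

# Constructed sample alerts (hypothetical schema, not real log data).
ALERTS = [
    {"time": "2024-03-01T02:10:00+00:00", "source": "ransomware", "incident": "INC-1", "personal_data": True},
    {"time": "2024-03-01T01:40:00+00:00", "source": "exfiltration", "incident": "INC-1", "personal_data": True},
    {"time": "2024-03-02T09:00:00+00:00", "source": "fim", "incident": "INC-2", "personal_data": True},
    {"time": "2024-03-02T09:05:00+00:00", "source": "edr_custom", "incident": "INC-2", "personal_data": True},
    {"time": "2024-03-03T12:00:00+00:00", "source": "system_health", "incident": "INC-3", "personal_data": False},
]

def triage(alerts, now):
    """Group alerts per incident, classify by CIA type, compute the deadline."""
    incidents = {}
    for a in alerts:
        if not a["personal_data"]:
            continue  # no personal data involved: not a personal data breach
        ts = datetime.fromisoformat(a["time"])
        inc = incidents.setdefault(
            a["incident"], {"types": set(), "unmapped": set(), "first_seen": ts})
        inc["first_seen"] = min(inc["first_seen"], ts)  # alerts may arrive out of order
        kind = SOURCE_TYPE.get(a["source"])
        if kind:
            inc["types"].add(kind)  # one incident can carry several types
        else:
            inc["unmapped"].add(a["source"])  # keep for manual classification
    for inc in incidents.values():
        # Assumption: the 72-hour clock starts at the earliest alert (conservative).
        inc["deadline"] = inc["first_seen"] + NOTIFY_WINDOW
        inc["hours_left"] = (inc["deadline"] - now).total_seconds() / 3600
        inc["overdue"] = now > inc["deadline"]
    return incidents

if __name__ == "__main__":
    now = datetime.fromisoformat("2024-03-03T00:00:00+00:00")
    for name, inc in sorted(triage(ALERTS, now).items()):
        print(name, sorted(inc["types"]), inc["deadline"].isoformat(),
              round(inc["hours_left"], 1), sorted(inc["unmapped"]))
```
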
Level 2: Attack Vector Classification
| Vector | Description | Primary Detection |