With the evolution of new technologies and approaches to security, such as the application of big data tools to profoundly analyze network traffic in realtime, security professionals can have a high level of visibility into any type of information. These systems do not distinct between personal and "non-personal" information - they are just trained to detect suspicious patterns and can do so only if all packets are inpected. But what does the law say? Do enterprises have a right to process personal data in order to defend themselves against cyber attacks? KuppingerCole´s Senior Analyst and privacy expert Dr. Karsten Kinast, LL.M. will give you an overview on how current and future legislation is and will answer this question. There is an additional workshop offered for this topic.