IBM has unveiled incident response capabilities for its IBM Resilient security portfolio to help organizations address the EU General Data Protection Regulation (GDPR).GDPR was approved by the EU Parliament in April 2016 and takes effect May 25, 2018. The regulation replaces the Data Protection Directive 95/46/EC and is designed to streamline data privacy laws across Europe, according to the EU Parliament.In preparation for GDPR, the new IBM Resilient incident response capabilities include:GDPR Preparatory Guide: Offers a step-by-step guide to help organizations prepare for GDPR. GDPR Simulation: Enables an organization's security analysts to rehearse the actions they may need to take if they experience a data breach under GDPR. GDPR-Enhanced Privacy Module: Provides organizations with access to a database of GDPR-related guidelines and regulations. Increased Territorial Scope: GDPR applies to all organizations processing the personal data of data subjects residing in the EU, regardless of location. Consent: Data consent requests must be provided "in an intelligible and easily accessible form, with the purpose for data processing attached to that consent," the EU Parliament indicated. Penalties: Organizations that fail to comply with GDPR can be fined up to 4 percent of annual global turnover or €20 million (roughly $25.92 million), whichever is greater. Teach key stakeholders about GDPR. Identify the personal data that you can store. Remove any unused personal data that is no longer required. Develop an organizational chart that assigns roles and responsibilities based on GDPR. Update security policies and protocols. Incorporate GDPR into standard business practices. Establish clear-cut policies to detect and respond to a data breach. Learn about all of the rights related to data processing included in GDPR. Identify any special organizational requirements and plan accordingly. In addition, an organization can collaborate with a managed security services provider (MSSP) or other security experts to address security gaps before GDPR goes into effect, HelpSystems indicated.