Cybersecurity and privacy law handbook a beginner's guide to dealing with privacy and security while keeping hackers at bay
It'll not only equip you with the rudiments of cybersecurity but also guide you through privacy laws and explain how you can ensure compliance to protect yourself from cybercrime and avoid the hefty fines imposed for non-compliance with standards. Assuming that you're new to the field, thi...
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: |
Birmingham
Packt Publishing
2022
|
| Subjects: | |
| Online Access: | |
| Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- 7.3
- Awareness
- The importance of anonymous, pseudonymous, de-identified, and aggregated information
- Legal bases for data processing
- Data access privileges
- Fines and penalties
- Why deal with data protection?
- The six principles of the GDPR
- Summary
- Chapter 4: Data Processing
- The data controller
- The data processor
- Accountability
- Recommended documents
- The privacy dashboard
- Training materials
- Mandatory documents
- Data protection
- the last warning
- EU-US Privacy Shield
- Brief summary
- Schrems II ruling
- The frequently asked questions issued by the EDPB
- What occurs next? Vade mecum for entities
- Conclusions
- Summary
- Chapter 5: Security Planning and Risk Management
- Security threats and challenges
- What are the different types of security threats?
- What is risk and what is a threat?
- Implementing a risk management program
- Why is risk management so important?
- Traditional risk management versus enterprise risk management
- What are the steps involved in risk management for information security?
- From the top-down to the bottom-up
- Benefits and challenges of risk management
- ISMS, controls, commitment, context, scope policy, and objectives
- iSMS
- Statement of applicability, risk treatment plan, and action plan
- Controls
- Commitment and project management
- Identify, Protect, Detect, Respond, and Recover
- Identify
- Protect
- Detect
- Respond
- Recover
- Can ISO 27001 and NIST coexist?
- Summary
- Chapter 3: Data Protection
- What is privacy (and why do we desperately need it)?
- GDPR and his brothers
- Territorial scope
- The GDPR, CCPA, and LGPD each define personal data differently
- Building and implementing a risk management plan
- Qualitative risk analysis
- Quantitative risk analysis
- Difference between qualitative and quantitative risk analysis
- When to perform a qualitative and quantitative risk analysis
- Summary
- Part 3: Escape from Chaos
- Chapter 6: Define ISO 27001 Mandatory Requirements
- ISO 27001 operations
- The ISO 27001 standard
- what it is and what requirements it establishes
- How to structure an iSMS
- ISO 27001 support requirements (or Clause 7)
- 7.1
- Resources required to establish and operate an iSMS
- 7.2
- Competency
- Cover
- Title Page
- Copyright and Credits
- Dedication
- Contributors
- Table of Contents
- Preface
- Part 1: Start From the Basics
- Chapter 1: ISO27001
- Definitions and Security Concepts
- The 27k family of standards
- Confidentiality, integrity, and availability
- Information security concepts and definitions
- Governance, policies, and incident management
- Governance
- Policies and procedures
- Incident management
- Differences between ISO 27001 and NIST
- What's NIST?
- Summary
- Part 2: Into the Wild
- Chapter 2: Mandatory Requirements