What this book covers
Chapter 1, ISO27001 – Definitions and Security Concepts, describes in a clear and understandable way the 27k family of standards; confidentiality, integrity, and availability; information security concepts and definitions; governance, policies, and incident management; and the differences with respect to NIST, the National Institute of Standards and Technology.
Chapter 2, Mandatory Requirements, explores the Information Security Management System (ISMS), controls, commitment, context, scope, policy, and objectives of the ISO 27001 and NIST frameworks.
Chapter 3, Data Protection, delves into the history of privacy, the General Data Protection Regulation (GDPR) and other privacy laws, territorial scope, anonymous, pseudonymous, de-identified, and aggregated data, the legal basis (or justification) for data processing, data access privileges and fines, the six principles of GDPR, and, finally, why we have to deal with data protection.
Chapter 4, Data Processing, discusses the roles involved in data processing, looking at data controllers, data processors, accountability, privacy dashboards, a Data Protection Impact Analysis (DPIA), treatment register, the EU-US Privacy Shield, and Schrems II.
Chapter 5, Security Planning and Risk Management, focuses on risk management. We will look at what the security threats and challenges are, the various kinds of security threats, how to implement a risk management program, the differences between traditional risk management and enterprise risk management, and why risk management is so important.
Chapter 6, Define ISO 27001 Mandatory Requirements, dives deep into the ISO 27001 framework and its Annex A controls, with all the clauses within the ISO program.
Chapter 7, Risk Management, Controls and Policies, looks at how risk management interacts with controls and policies. We will be focusing on risk heat maps and risk mitigation techniques. Then, we’ll take a deep dive into data classification and policies.
Chapter 8, Preparing Policies and Procedures to Avoid Internal Risk, discusses how to write policies and procedures in a corporate way.
Chapter 9, Social Engineering, Password Guidance, and Policy, describes the most important social engineering attempts used to steal your credentials and how to avoid them through proper password management.
Chapter 10, The Cloud, deals with the cloud, from the basics to how it works today, in the context of frameworks and privacy processes.
Chapter 11, What About the US?, discusses social engineering, password guidance, and privacy policies in the US, including local and national laws and bills. We’ll also be taking a glance at the privacy side of phenomena such as Bring Your Own Device (BYOD) and remote working.
The Appendix explains how security, privacy, and the pandemic are changing our lives.