GDPR and cyber security for business information systems /

This book is designed to present specific and practical information on the key areas of compliance with the GDPR relevant to business information systems in a global context. Key areas covered include: principles and rights within the GDPR, information security, data protection by design and default...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autores principales: Gobeo, Antoni (Autor), Fowler, Connor (Autor), Buchanan, William (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Denmark : River Publishers, [2018]
Colección:River Publishers series in security and digital forensics.
Temas:
Data protection > Law and legislation > European Union countries.
Cyberspace > Security measures.
Computer security.
Database security.
Sécurité informatique.
Bases de données > Sécurité > Mesures.
LAW > Military.
SCIENCE / Energy
Cyberspace > Security measures
Computer security
Data protection > Law and legislation
Database security
European Union countries
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Front Cover; Half Title Page; RIVER PUBLISHERS SERIES IN SECURITY AND DIGITAL FORENSICS; Title Page; Copyright Page; Contents; Preface; Acknowledgements; List of Figures; List of Abbreviations; Part One: Introduction; Chapter 1: The GDPR Fundamentals; A Brief History of Data Collection and Data Protection; The GDPR; To Whom Does It Apply?; Who Is Exempt?; Personal Data: Why it's Worth Protecting; The Privacy Argument; The Economic Argument; Consequences to Individuals of Data Misuse; The Heart of the GDPR; The Six Principles; The Six Lawful Bases; The Rights of Natural Persons in the GDPR
  • The Three ExceptionsChapter Review; References; Appendix; Chapter 2: Organisations, Institutions, and Roles; Introduction; Quis Custodiet Ipsos Custodes?; European Union; Duties of the EDPB; Supervisory Authorities; The ICO in Action; Organisations Under the GDPR; Public Authorities; Types of Public Authorities; NGO's and Charities; NGO's and Charities as Data Controllers; Institutions and Agencies; Court of Justice of the European Union; European Union Agency for Network and Information Security: ENISA; The United Kingdom; Government Communications Headquarters
  • The National Cyber Security CentreThe GCHQ Bude: GCHQ Composite Signals Organisation Morwenstow; Investigatory Powers Commissioner's Office; Investigatory Powers Tribunal; Chapter Review; References; Appendix; Chapter 3: Information Systems Management and the GDPR; Introduction; Information Systems in Organisations; Processes and Essential Systems; Types of Information Systems; Information Management; What is IM; Stakeholders; Data Management through the Ages; Functions of Information Management; Information Systems Theory; Data Flow Mapping; Data Flow Mapping Techniques
  • Data Controller and Data ProcessorData Controller; Data Processor; Distinguishing the Difference Between the Data Controller and the Data Processor; Chapter Review; References; Chapter 4: CyberSecurity and the GDPR; Introduction; Cyber Security as a Function of Compliance; Privacy; Protection; Process; Cyber Attacks; Malware; Social Engineering; Phishing; Countermeasures; Encryption; Chapter Review; References; Part Two: Preparatory Steps; Chapter 5: Data Protection by Design and Default; Introduction; Data Protection is a Program; not a Project; What is Privacy?
  • Privacy and Protection by Design and DefaultThe Security Principle: Appropriate Technical and Organisational Measures; Organisational: A Corporate Culture of Data Protection; Staff Awareness of Security; Organisational Responsibility for Security; Technical Measures; Physical Security; Hardware Security; Computer Security: Design; Computer Security: Measures; Open Web Application Security Project (OWASP); Assessing Information Assets: Value and Risk; Information Classification and Labelling; Special Category Data: Sensitive and Very Sensitive Personal Data; Criminal Offence Data

Ejemplares similares