EU GDPR: A Pocket Guide (European) second edition

EU GDPR: A Pocket Guide (European) second edition

This concise guide is essential reading for EU organisations wanting an easy to follow overview of the new regulation and the compliance obligations for handling data of EU citizens. The EU General Data Protection Regulation (GDPR) will unify data protection and simplify the use of personal data across the EU, and automatically supersedes member states domestic data protection laws. It will also apply to every organisation in the world that processes personal information of EU residents. The Regulation introduces a number of key changes for all organisations that process EU residents’ personal data. EU GDPR: A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for EU organisations. This second edition has been updated with improved guidance around related laws such as the NIS Directive and the future ePrivacy Regulation. EU GDPR – A Pocket Guide sets out: A brief history of data protection and national data protection laws in the EU (such as the German BDSG, French LIL and UK DPA).The terms and definitions used in the GDPR, including explanations.The key requirements of the GDPR, including: Which fines apply to which Articles;The six principles that should be applied to any collection and processing of personal data;The Regulation’s applicability;Data subjects’ rights;Data protection impact assessments (DPIAs);The role of the data protection officer (DPO) and whether you need one;Data breaches, and the notification of supervisory authorities and data subjects;Obligations for international data transfers.How to comply with the Regulation, including: Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records);The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data);The “appropriate technical and organisational measures” you need to take to ensure your compliance with the Regulation.A full index of the Regulation, enabling you to find relevant Articles quickly and easily. Buy your copy today.

The California Consumer Privacy Act (CCPA)

An implementation guide

The California Consumer Privacy Act (CCPA)

Prepare your business for CCPA compliance with our implementation guide that: - Provides the reader with a comprehensive understanding of the legislation by explaining key terms - Explains how a business can implement strategies to comply with the CCPA - Discusses potential developments of the CCPA to further aid compliance

Cybersecurity Law, Standards and Regulations, 2nd Edition

Cybersecurity Law, Standards and Regulations, 2nd Edition

In today’s litigious business world, cyber-related matters could land you in court. As a computer security professional, you are protecting your data, but are you protecting your company? While you know industry standards and regulations, you may not be a legal expert. Fortunately, in a few hours of reading, rather than months of classroom study, Tari Schreider’s Cybersecurity Law, Standards and Regulations (2nd Edition), lets you integrate legal issues into your security program. Tari Schreider, a board-certified information security practitioner with a criminal justice administration background, has written a much-needed book that bridges the gap between cybersecurity programs and cybersecurity law. He says, “My nearly 40 years in the fields of cybersecurity, risk management, and disaster recovery have taught me some immutable truths. One of these truths is that failure to consider the law when developing a cybersecurity program results in a protective façade or false sense of security.” In a friendly style, offering real-world business examples from his own experience supported by a wealth of court cases, Schreider covers the range of practical information you will need as you explore – and prepare to apply – cybersecurity law. His practical, easy-to-understand explanations help you to: Understand your legal duty to act reasonably and responsibly to protect assets and information. Identify which cybersecurity laws have the potential to impact your cybersecurity program. Upgrade cybersecurity policies to comply with state, federal, and regulatory statutes. Communicate effectively about cybersecurity law with corporate legal department and counsel. Understand the implications of emerging legislation for your cybersecurity program. Know how to avoid losing a cybersecurity court case on procedure – and develop strategies to handle a dispute out of court. Develop an international view of cybersecurity and data privacy – and international legal frameworks. Schreider takes you beyond security standards and regulatory controls to ensure that your current or future cybersecurity program complies with all laws and legal jurisdictions. Hundreds of citations and references allow you to dig deeper as you explore specific topics relevant to your organization or your studies. This book needs to be required reading before your next discussion with your corporate legal department. This new edition responds to the rapid changes in the cybersecurity industry, threat landscape and providers. It addresses the increasing risk of zero-day attacks, growth of state-sponsored adversaries and consolidation of cybersecurity products and services in addition to the substantial updates of standards, source links and cybersecurity products.

EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide - Second edition

EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide - Second edition

The updated second edition of the bestselling guide to the changes your organisation needs to make to comply with the EU GDPR. “The clear language of the guide and the extensive explanations, help to explain the many doubts that arise reading the articles of the Regulation.” Giuseppe G. Zorzino The EU General Data Protection Regulation (GDPR) will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 – in May 2018. All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover. This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties. Product overview Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law, explaining the Regulation, and setting out the obligations of data processors and controllers in terms you can understand. Topics covered include: The role of the data protection officer (DPO) – including whether you need one and what they should do.Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct a DPIA.Data subjects’ rights, including consent and the withdrawal of consent; subject access requests and how to handle them; and data controllers’ and processors’ obligations.International data transfers to “third countries” – including guidance on adequacy decisions and appropriate safeguards; the EU-US Privacy Shield; international organisations; limited transfers; and Cloud providers.How to adjust your data protection processes to transition to GDPR compliance, and the best way of demonstrating that compliance.A full index of the Regulation to help you find the articles and stipulations relevant to your organisation. New for the second edition: Additional definitions.Further guidance on the role of the DPO.Greater clarification on data subjects’ rights.Extra guidance on data protection impact assessments.More detailed information on subject access requests (SARs).Clarification of consent and the alternative lawful bases for processing personal data.New appendix: implementation FAQ. The GDPR will have a significant impact on organisational data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you exactly what you need to do to comply with the new law.

EU GDPR & EU-US Privacy Shield

A Pocket Guide

EU GDPR & EU-US Privacy Shield

A concise introduction to EU GDPR and EU-US Privacy Shield The EU General Data Protection Regulation will unify data protection and simplify the use of personal data across the EU when it comes into force in May 2018. It will also apply to every organization in the world that processes personal information of EU residents. US organizations that process EU residents' personal data will be able to comply with the GDPR via the EU-US Privacy Shield (the successor to the Safe Harbor framework), which permits international data transfers of EU data to US organizations that self-certify that they have met a number of requirements. EU GDPR & EU-US Privacy Shield – A Pocket Guide provides an essential introduction to this new data protection law, explaining the Regulation and setting out the compliance obligations for US organizations in handling data of EU citizens, including guidance on the EU-US Privacy Shield. Product overview EU GDPR & EU-US Privacy Shield – A Pocket Guide sets out: A brief history of data protection and national data protection laws in the EU (such as the UK DPA, German BDSG and French LIL).The terms and definitions used in the GDPR, including explanations.The key requirements of the GDPR, including:Which fines apply to which Articles;The six principles that should be applied to any collection and processing of personal data;The Regulation’s applicability;Data subjects’ rights;Data protection impact assessments (DPIAs);The role of the data protection officer (DPO) and whether you need one;Data breaches, and the notification of supervisory authorities and data subjects;Obligations for international data transfers.How to comply with the Regulation, including:Understanding your data, and where and how it is used (e.g. Cloud suppliers, physical records);The documentation you need to maintain (such as statements of the information you collect and process, records of data subject consent, processes for protecting personal data);The “appropriate technical and organizational measures” you need to take to ensure your compliance with the Regulation.The history and principles of the EU-US Privacy Shield, and an overview of what organizations must do to comply.A full index of the Regulation, enabling you to find relevant Articles quickly and easily.

CSSLP Certification All-in-One Exam Guide, Second Edition

CSSLP Certification All-in-One Exam Guide, Second Edition

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. This self-study guide delivers 100% coverage of all domainsin the the CSSLP exam Get complete coverage of all the material included on the Certified Secure Software Lifecycle Professional exam. CSSLP Certification All-in-One Exam Guide, Second Edition covers all eight exam domains developed by the International Information Systems Security Certification Consortium (ISC)2®. You’ll find learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. Designed to help you pass the exam with ease, this definitive resource also serves as an essential on-the-job reference. Covers all eight exam domains: •Secure Software Concepts•Secure Software Requirements•Secure Software Design•Secure Software Implementation/Programming•Secure Software Testing•Software Lifecycle Management•Software Deployment, Operations, and Maintenance•Supply Chain and Software Acquisition Online content includes: •Test engine that provides full-length practice exams or customized quizzes by chapter or exam domain

CompTIA Cloud Essentials+ Certification Study Guide, Second Edition (Exam CLO-002)

CompTIA Cloud Essentials+ Certification Study Guide, Second Edition (Exam CLO-002)

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. The best IT certification exam study system available Filled with hands-on exercises and practice exam questions, CompTIA Cloud Essentials+TM Certification Study Guide, Second Edition (Exam CLO-002) covers what you need to know—and shows you how to prepare—for this challenging exam. • 100% complete coverage of all official objectives for exam CLO-002 • Exam Readiness checklist—you’re ready for the exam when all objectives on the list are checked off • Exam Watch notes call attention to information about, and potential pitfalls in, the exam • Two-Minute Drills for quick review at the end of every chapter • Simulated exam questions match the format, tone, topics, and difficulty of the real exam Covers all the exam topics, including: The Principles of Cloud Computing • The Business Side of Cloud Computing • Cloud Planning • Compliance and the Cloud • Cloud Storage Infrastructure • Cloud Network Infrastructure • Cloud Compute Infrastructure • Applications and Big Data in the Cloud • Cloud DevOps • Security and the Cloud • Managing Cloud Risk Online content includes: • Test engine that provides full-length practice exams and customized quizzes by chapter or by exam domain • Access to entire book PDF

GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition

GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. Fully updated coverage of every topic on the current version of the GSEC exam Get complete coverage of all the objectives on Global Information Assurance Certification’s Security Essentials (GSEC) exam inside this comprehensive resource. GSEC GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition provides learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this authoritative resource also serves as an essential on-the-job reference. Covers all exam topics, including: •Networking fundamentals •Network design •Cloud computing •Authentication and access control •Unix/Linux •Windows •Encryption •Risk management •Virtual machines •Vulnerability control •Malware •Incident response •Wireless technologies •Log Management •IoT and embedded devices Online content features: •Two practice exams •Test engine that provides full-length practice exams and customizable quizzes •Author videos

CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003)

CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003)

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. Complete coverage of every topic on the CompTIA Advanced Security Practitioner certification exam Get complete coverage of all objectives included on the CompTIA CASP+ exam CAS-003 from this comprehensive resource. Written by a team of leading information security experts, this authoritative guide fully addresses the skills required for securing a network and managing risk. You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this definitive volume also serves as an essential on-the-job reference. Covers all exam domains, including:•Threats, attacks, and vulnerabilities•Technologies and tools •Architecture and design•Identity and access management •Risk management•Cryptography and PKIElectronic content includes:•200 practice exam questions