Table of Contents
Preface
Part 1: Start From the Basics
1
ISO 27001 – Definitions and Security Concepts
The 27k family of standards
Confidentiality, integrity, and availability
Information security concepts and definitions
Governance, policies, and incident management
Governance
Policies and procedures
Incident management
Differences between ISO 27001 and NIST
What’s NIST?
Summary
Part 2: Into the Wild
2
Mandatory Requirements
ISMS, controls, commitment, context, scope, policy, and objectives
ISMS
Statement of applicability, risk treatment plan, and action plan
Controls
Commitment and project management
Identify, Protect, Detect, Respond, and Recover
Identify
Protect
Detect
Respond
Recover
Can ISO 27001 and NIST coexist?
Summary
3
Data Protection ...