Privacy, Regulations, and Cybersecurity

Book description

Protect business value, stay compliant with global regulations, and meet stakeholder demands with this privacy how-to

Privacy, Regulations, and Cybersecurity: The Essential Business Guide is your guide to understanding what “privacy” really means in a corporate environment: how privacy is different from cybersecurity, why privacy is essential for your business, and how to build privacy protections into your overall cybersecurity plan.

First, author Chris Moschovitis walks you through our evolving definitions of privacy, from the ancient world all the way to the General Law on Data Protection (GDPR). He then explains—in friendly, accessible language—how to orient your preexisting cybersecurity program toward privacy, and how to make sure your systems are compliant with current regulations.

This book—a sequel to Moschovitis’ well-received Cybersecurity Program Development for Business—explains which regulations apply in which regions, how they relate to the end goal of privacy, and how to build privacy into both new and existing cybersecurity programs. Keeping up with swiftly changing technology and business landscapes is no easy task. Moschovitis provides down-to-earth, actionable advice on how to avoid dangerous privacy leaks and protect your valuable data assets.

  • Learn how to design your cybersecurity program with privacy in mind
  • Apply lessons from the GDPR and other landmark laws
  • Remain compliant and even get ahead of the curve, as privacy grows from a buzzword to a business must
  • Learn how to protect what’s of value to your company and your stakeholders, regardless of business size or industry
  • Understand privacy regulations from a business standpoint, including which regulations apply and what they require
  • Think through what privacy protections will mean in the post-COVID environment

Whether you’re new to cybersecurity or already have the fundamentals, this book will help you design and build a privacy-centric, regulation-compliant cybersecurity program.

Table of contents

  1. COVER
  8. PART ONE: Privacy
    1. CHAPTER 1: Understanding Privacy
    2. CHAPTER 2: A (Very) Brief History of Privacy
      1. The Legal Case for Privacy (the Big Print)
      2. Slouching toward Privacy
      3. Debating Privacy in the US
      4. Confidentiality vs. Privacy
    3. CHAPTER 3: The Legal Case for Privacy (the Finer Print)
      1. International Privacy Legislation
  9. PART TWO: Regulations
    1. CHAPTER 4: Introduction to Regulations
      1. Preparing to Take Charge
      2. Creating Your Privacy Profile
      3. Know before You Go: Using the Regulations Section
      4. One Last Thing before We Go!
    2. CHAPTER 5: North American Regulations
      1. United States
      2. Federal Regulations
      3. State Regulations
      4. California
      5. Maine
      6. Amendment to the Nevada Privacy of Information Collected on the Internet from Consumers Act via SB 220
      7. Data Protection in the United States: Conclusions
      8. Canada
      9. Mexico
    3. CHAPTER 6: European Regulations
      1. Non-EU Member European Countries
      2. Russia
      3. Switzerland
      4. Coming Soon to a European Union Near You!
    4. CHAPTER 7: Asia-Pacific Regulations
      1. China
      2. India
      3. Japan
      4. Australia
    5. CHAPTER 8: African Regulations
      1. Economic Community of West African States
      2. Nigeria
      3. South Africa
      4. Egypt
    6. CHAPTER 9: South American Regulations
      1. Brazil
      2. Argentina
      3. Colombia
  10. PART THREE: Privacy and Cybersecurity
    1. CHAPTER 10: Introduction to Cybersecurity
      1. Everything You Always Wanted to Know About Tech (But Were Afraid to Ask Your Kids)
      2. In the Beginning…
      3. Key Definitions
      4. Note
    2. CHAPTER 11: A Cybersecurity Primer
      1. Cybersecurity Defined
      2. Confidentiality
      3. Integrity
      4. Availability
      5. Safety
      6. Measuring Cybersecurity's Success
      7. Ensuring and Preserving
      8. Cybersecurity Controls and Defense in Depth
      9. Defense in Depth
      10. The Threats
      11. Threat Agents
      12. Key Trends Influencing Threat Agents
      13. The Nature of Hackers
      14. Attack Process
      15. Types of Attacks
      16. A Brief Cyberglossary
    3. CHAPTER 12: Privacy-Centric Cybersecurity Program Overview
      1. What's the Point of It All?
      2. Vision and Mission Statements
      3. Culture and Strategy
      4. Off to See the Wizard
      5. What Does Organizational IT Typically Look Like?
      6. What's at Risk?
      7. Threat Assessment
      8. At the Club House Turn!
      9. Mitigating Risk
      10. Incident Response Planning
    4. CHAPTER 13: Privacy by Design Overview
      1. The Case for Frameworks
    5. CHAPTER 14: Cover Your Assets!
      1. Asset Classification
      2. Asset Metadata
      3. A Fleeting Glimpse into the Other Side
      4. Business Impact Analysis
      5. One Spreadsheet to Rule Them All
    6. CHAPTER 15: Threat Assessment
      1. Types of Threats
      2. Internal Threats
      3. External Threats
      4. Threat Rankings
      5. Threat Intelligence
      6. Threat Modeling
    7. CHAPTER 16: Vulnerabilities
      1. Who's Who in Vulnerabilities Tracking
      2. Vulnerabilities: Mapping and Remediation
      3. Vulnerability Testing
    8. CHAPTER 17: Environments
      1. On-Premises Computing Environments
      2. Private Cloud Computing Environments
      3. Public Cloud Computing Environments
      4. Hybrid Cloud Computing Environments
      5. Cloud Security Questions
      6. The Internet of Things (IoT)
      7. Distributed Workforces
    9. CHAPTER 18: Controls
      1. Preventative Controls
      2. Detective Controls
      3. Corrective Controls
      4. Compensatory Controls
      5. Defense in Depth
      6. Privacy and Cybersecurity Controls
      7. People, Technology, and Operations
      8. Communications
      9. Policies, Standards, Procedures, and Guidelines
      10. Putting It All Together
    10. CHAPTER 19: Incident Response
      1. Incident Response Planning: Not Just a Good Idea—It's the Law!
      2. Incident-Response Plan Phases
      3. Preparing Your Incident-Response Plan
      4. Identifying Incidents
      5. Containing Incidents
      6. Treating Incidents
      7. Incident Recovery
      8. Post-Incident Review
      9. Do It All Over Again!
    11. CHAPTER 20: Welcome to the Future! Now, Go Home!
      1. Social Transformation
      2. Technology Transformation
      3. Business Transformation
      4. The Story of ACME
      5. Final Words
    1. History, Case Law, and Legal Analysis
    2. Legislation, Regulation, and Analysis
    3. Information Technology, Design, and Privacy
    4. Threat and Incident Reports
    5. Future Trends
    6. Selected Bibliography from Cybersecurity Program Development for Business: The Essential Planning Guide (Wiley 2018)
  12. INDEX

Product information

  • Title: Privacy, Regulations, and Cybersecurity
  • Author(s): Chris Moschovitis
  • Release date: February 2021
  • Publisher(s): Wiley
  • ISBN: 9781119658740