He wants you to know the information security law!
Whether you’re a Chief Information Officer (CIO), IT Manager, Security Manager or you are your own boss, it is extremely important that you understand the developing law of information security, what it means for the business, and the standard for corporate compliance that appears to be developing worldwide. What’s the point in running a business if the correct information security procedures are not followed?
In today’s business world, practically all of a company’s daily operations and all of its key records are created, used, communicated, and stored electronically using networked computer technology. Information technology (IT) is a core element upon which many companies depend for their day-to-day practices. Thus, if something information-related goes wrong, a whole lot of other hiccups may take place, as in a chain reaction; one element triggers another and so on.
Information security laws can stretch from choosing the right (strong) passwords through to encrypted data and antivirus programmes. Information Security Law: The Emerging Standard for Corporate Compliance is designed to provide an overview of the law of information security and the standard for corporate compliance. It is based on a review of numerous security statutes and regulations, and the resulting realisation that there is an amazing consistency in approach among most laws and regulations governing corporate information security obligations. The book seeks to explain that approach.
This excellent guide covers such areas as information security controls, the development of a compliant security program, the role of standards and security breach notification.
ISO/IEC 27001, the international information security standard, should be read alongside this book!