Incident Response Planning for Data Protection
21 Pages. Posted: 7 Feb 2014
Date Written: July 13, 2013
Abstract
The aim of this paper is to provide an advisory service to organizations in the context of facilitating the development of their CSIR capabilities. A great deal of work has been published regarding the basis of network security policies and the process of setting up CSIRs. This paper examines the implications of European privacy law – specifically the Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (95/46/EC) – for CSIRTs handling information relating to incidents. In particular, it examines when and how it is appropriate for a CSIRT to use information itself, and the circumstances in which it may be appropriate to disclose it to others.
Keywords: CSIR, CSIR Capabilities, Incident Response, Data Security