Incident Response Planning for Data Protection

21 Pages Posted: 7 Feb 2014

Date Written: July 13, 2013

Abstract

The aim of this paper is to provide an advisory service to organizations in the context of facilitating the development of their CSIR capabilities. A great deal of work has been published regarding the basis of network security policies and the process of setting up CSIRs. This paper examines the implications of European privacy law – specifically the Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (95/46/EC) – for CSIRTs handling information relating to incidents. In particular it examines when and how it is appropriate for a CSIRT to use information itself, and the circumstances in which it may be appropriate to disclose it to others.

Keywords: CSIR, CSIR Capabilities, Incident Response, Data Security

Suggested Citation

Javaid, Muhammad Adeel, Incident Response Planning for Data Protection (July 13, 2013). Available at SSRN: https://ssrn.com/abstract=2391677 or http://dx.doi.org/10.2139/ssrn.2391677

Muhammad Adeel Javaid (Contact Author)

Akademia WSB ( email )

Zygmunta Cieplaka 1c, 41-300
Dąbrowa Górnicza
Poland

HOME PAGE: http://wsb.edu.pl

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
91
Abstract Views
1,496
Rank
507,356
PlumX Metrics