Incident Response Planning for Data Protection

21 Pages Posted: 7 Feb 2014

See all articles by Adeel Javaid

Adeel Javaid

Institute of Electrical and Electronics Engineers

Date Written: July 13, 2013

Abstract

The aim of this paper is to provide an advisory service to organizations in the context of facilitating the development of their CSIR capabilities. A great deal of work has been published regarding the basis of network security policies and the process of setting up CSIRs. This paper examines the implications of European privacy law – specifically the Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (95/46/EC) – for CSIRTs handling information relating to incidents. In particular it examines when and how it is appropriate for a CSIRT to use information itself, and the circumstances in which it may be appropriate to disclose it to others.

Keywords: CSIR, CSIR Capabilities, Incident Response, Data Security

Suggested Citation

Javaid, Muhammad Adeel, Incident Response Planning for Data Protection (July 13, 2013). Available at SSRN: https://ssrn.com/abstract=2391677 or http://dx.doi.org/10.2139/ssrn.2391677

Muhammad Adeel Javaid (Contact Author)

Institute of Electrical and Electronics Engineers ( email )

United States

HOME PAGE: http://www.ieee.org

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
46
Abstract Views
896
PlumX Metrics