Patching the patchwork: appraising the EU regulatory framework on cyber security breaches

Porcedda, Maria Grazia

doi:10.1016/j.clsr.2018.04.009

Cited by 23 publications

(3 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Organizations must have a clearly defined security incident response plan, which details the steps to be taken in the event of incidents being discovered. These steps may include isolating compromised systems, collecting forensic evidence, notifying relevant authorities or service providers, and implementing immediate repairs to prevent further spread of the incident (Porcedda, 2018). In addition to incident response, organizations must have recovery plans that detail the steps to be taken to bring the system back to normal after an incident.…”

Section: Key Elements Of Information Security In a Business Contextmentioning

confidence: 99%

Compatibility of leadership styles with information security in organizations

Tokalić

2024

Serb J Engin Manag

View full text Add to dashboard Cite

This paper investigates the significance of the alignment of leadership styles with information security in organizations. The focus is on the analysis of transactional and transformational leadership and their contribution to the implementation of security policies and practices. Transactional leadership, focused on setting clear goals and rewarding, provides structure and accountability, while transformational leadership, which inspires and encourages change, encourages engagement, adaptability and innovation. Through the integration of these leadership styles, organizations can build a holistic approach that supports a safety culture and effectively responds to dynamic safety challenges. It is critical that leaders recognize the importance of information security and adapt their leadership styles to support the integrity, confidentiality and availability of information, key components of a secure organization in the digital age.

show abstract

Section: Key Elements Of Information Security In a Business Contextmentioning

confidence: 99%

Compatibility of leadership styles with information security in organizations

Tokalić

2024

Serb J Engin Manag

View full text Add to dashboard Cite

show abstract

“…Porcedda 31 examined aspects of this problem with a review of various European data protection legislation and identified a need to describe more than just ‘breaches’. The author defined breaches as being comprised of ‘events’, leading to … destruction , loss , or disclosure of data.…”

Section: Literature Reviewmentioning

confidence: 99%

CYBER-AIDD: A novel approach to implementing improved cyber security resilience for large Australian healthcare providers using a Unified Modelling Language ontology

Dart

Ahmed

2023

DIGITAL HEALTH

View full text Add to dashboard Cite

Purpose This paper proposes a novel cyber security risk governance framework and ontology for large Australian healthcare providers, using the structure and simplicity of the Unified Modelling Language (UML). This framework is intended to mitigate impacts from the risk areas of: (1) cyber-attacks, (2) incidents, (3) data breaches, and (4) data disclosures. Methods Using a mixed-methods approach comprised of empirical evidence discovery and phenomenological review, existing literature is sourced to confirm baseline ontological definitions. These are supplemented with Australian government reports, professional standards publications and legislation covering cyber security, data breach reporting and healthcare governance. Historical examples of healthcare cyber security incidents are reviewed, and a cyber risk governance UML presented to manage the defined problem areas via a single, simplified ontological diagram. Results A clear definition of ‘cyber security’ is generated, along with the ‘CYBER-AIDD’ risk model. Specific examples of cyber security incidents impacting Australian healthcare are confirmed as N = 929 over 5 years, with human factors the largest contributor. The CYBER-AIDD UML model presents a workflow across four defined classes, providing a clear approach to implementing the controls required to mitigate risks against verified threats. Conclusions The governance of cyber security in healthcare is complex, in part due to a lack of clarity around key terms and risks, and this is contributing to consistently poor operational outcomes. A focus on the most essential avenues of risk, using a simple UML model, is beneficial in describing these risks and designing governance controls around them.

show abstract

“…Security requirements also vary considerably; for example, there is a significant difference in the level of security and data protection requirements for different types of devices. This raises the question of whether the services concerned can becalled telecommunications services and whether they should be regulated within a regulatory framework for telecommunications [14].…”

Section: Literature Reviewmentioning

confidence: 99%

Personal Data Protection in the Internet of Things

Olinder¹,

Fedyakin²,

Коrneeva³

2021

Proceedings of the 1st International Scientific Conference "Legal Regulation of the Digital Economy and Digital Relations: Prob

View full text Add to dashboard Cite

Recent growth of the information and communication technologies (ICT) created enormous opportunities for the economic and technical growth. However, they also opened the Pandora's box of cybercrime, stealing personal information and identity, spying on people's working and private lives as well as other related issues. Internet of Things (IoT) that combines a myriad of devices connected together for a two-way flow of information represents another important challenge, since it collects and stores zillions of personal data that can be abused by the third parties. Our paper analyses the recent developments of IoT in the light of data protection and tackling cybercrime. We show that since the concept is relatively young, very few legislative norms exist for its regulation and persecution of violators. It is also clear that new laws and rules should be introduced but the fragile balance between personal data protection and total "Big Brother-like" control from the law enforcement agencies and the governments should be carefully maintained and secured.

show abstract

Patching the patchwork: appraising the EU regulatory framework on cyber security breaches

Cited by 23 publications

References 3 publications

Compatibility of leadership styles with information security in organizations

Compatibility of leadership styles with information security in organizations

CYBER-AIDD: A novel approach to implementing improved cyber security resilience for large Australian healthcare providers using a Unified Modelling Language ontology

Personal Data Protection in the Internet of Things

Contact Info

Product

Resources

About