The first chapter of my new ebook, “Understanding Data Protection from Four Critical Perspectives” has been published!
The first chapter is “What Corporate Business Leaders Need To Know About Data Protection” and is written to an audience of CEOs and other executive business leaders who may not have an IT or information security background. I wrote this chapter for information security and privacy practitioners and officers to be able to give to their executive business leaders to help them understand data protection and compliance better, in addition to helping to get them to sponsor data protection efforts.
Here’s the introduction to the chapter, which also provides an overview of the book:
“If handling complex and difficult information protection requirements and issues is not at the top of the priority list for companies maintaining customer and employee information, it should be moving there. Unfortunately, the viewpoints of information protection and the associated issues and activities that are necessary within a business enterprise are often drastically different from area to area.
Why this propensity for widely varied views of the role of information protection within business? There are many reasons. Generally, however, when addressing the many different information protection issues throughout a business enterprise, there are often gaps in communication and coordination activities between the primary information protection decision-making stakeholders throughout the organization, such as the legal and privacy office, the information security office, the auditing and compliance office, and the IT operations areas. These communication gaps create more complexity and bigger challenges for companies to handle and put the organization at greater risk for incidents as well as contractual and regulatory noncompliance.
Successful information protection programs require the viewpoints and goals for information protection within different stakeholder areas to be complementary and integrated throughout all the enterprise, within every business process stage, and at every level within the organization. This guide will provide discussion, practical knowledge, and numerous examples, facts, and case studies to address complex information protection convergence and compliance issues within your organization. The four chapters within this book will discuss the following:
- Chapter 1 explains why executive leaders must be concerned and take an active role in supporting information protection efforts. It also provides the information that CEOs, CFOs, and all other types of CxOs, in addition to lawyers, must know to help make the best possible decisions for information protection activities.
- Chapter 2 provides the information that compliance officers, auditors, and privacy officers need to understand and consider with regard to information protection to help them make the best decisions within their realm of responsibility.
- Chapter 3 helps information assurance professionals to better understand the information protection issues and challenges within information security departments and the associated technologies and activities.
- Chapter 4 speaks directly to IT leaders, IT administrators, developers, architects, and others who are the digital information custodians of the enterprise and responsible for implementing security controls but who usually have very little or limited information protection training or experience.”
If you download it, please let me know your feedback!