Ochrona sygnalistów w dokumentacji ODO

Michał Kowalski

W ebooku przeczytasz m.in. o tym kim jest sygnalista i kiedy należy objąć go ochroną, jak wygląda ochrona sygnalistów w przypadku zgłaszania naruszenia prawa, poznasz obowiązek informacyjny RODO wobec sygnalisty oraz otrzymasz gotowy wzór procedury zgłoszeń wewnętrznych. Świeża publikacja oparta na aktualnościach w kontekście nowej ustawy o sygnalistach. E-book został przygotowany z myślą o specjalistach ochrony danych osobowych, a zawarte w nim informacje pomogą w zapewnieniu zgodności z obowiązującymi przepisami.

RODO w sieci - 17 pytań i odpowiedzi dotyczących ochrony danych przetwarzanych cyfrowo

Piotr Glen, Michał Koralewski, Maciej Lipka, Michał Nosowski, ...

Przetwarzanie danych osobowych cyfrowo jest powszechną i wygodna praktyką dla wszystkich uczestników tego procesu. Niemniej jednak jest ono obarczone większym ryzykiem związanym z ich bezpieczeństwem np. w postaci cyberataku. To z kolei powoduje, że administratorzy danych osobowych mają dodatkowe obowiązki w tym zakresie. Sprawdź, jak przetwarzać dane na potrzeby poczty e-mail, wideokonferencji, urządzeń mobilnych, jak przesyłać dane poza obszar EOG czy też jakie są założenia aktu o usługach cyfrowych. To tylko niektóre z najistotniejszych zagadnień omówionych w tej publikacji.

Securing Industrial Control Systems and Safety Instrumented Systems. A practical guide for safeguarding mission and safety critical systems

Jalal Bouhdada, Marco Ayala

As modern process facilities become increasingly sophisticated and vulnerable to cyber threats, securing critical infrastructure is more crucial than ever. This book offers an indispensable guide to industrial cybersecurity and Safety Instrumented Systems (SIS), vital for maintaining the safety and reliability of critical systems and protecting your operations, personnel, and assets.Starting with SIS design principles, the book delves into the architecture and protocols of safety networks. It provides hands-on experience identifying vulnerabilities and potential attack vectors, exploring how attackers might target SIS components. You’ll thoroughly analyze Key SIS technologies, threat modeling, and attack techniques targeting SIS controllers and engineer workstations. The book shows you how to secure Instrument Asset Management Systems (IAMS), implement physical security measures, and apply integrated risk management methodologies. It also covers compliance with emerging cybersecurity regulations and industry standards worldwide.By the end of the book, you’ll have gained practical insights into various risk assessment methodologies and a comprehensive understanding of how to effectively protect critical infrastructure.

Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture

Brett Crawley, Adam Shostack

Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.

TLS Cryptography In-Depth. Explore the intricacies of modern cryptography and the inner workings of TLS

Dr. Paul Duplys, Dr. Roland Schmitz

TLS is the most widely used cryptographic protocol today, enabling e-commerce, online banking, and secure online communication. Written by Dr. Paul Duplys, Security, Privacy & Safety Research Lead at Bosch, and Dr. Roland Schmitz, Internet Security Professor at Stuttgart Media University, this book will help you gain a deep understanding of how and why TLS works, how past attacks on TLS were possible, and how vulnerabilities that enabled them were addressed in the latest TLS version 1.3. By exploring the inner workings of TLS, you’ll be able to configure it and use it more securely.Starting with the basic concepts, you’ll be led step by step through the world of modern cryptography, guided by the TLS protocol. As you advance, you’ll be learning about the necessary mathematical concepts from scratch. Topics such as public-key cryptography based on elliptic curves will be explained with a view on real-world applications in TLS. With easy-to-understand concepts, you’ll find out how secret keys are generated and exchanged in TLS, and how they are used to creating a secure channel between a client and a server.By the end of this book, you’ll have the knowledge to configure TLS servers securely. Moreover, you’ll have gained a deep knowledge of the cryptographic primitives that make up TLS.