(ISC)2’s information security professionals publish articles regularly on Computerworld UK’s Infosecurity Voice blog. This time the author is Yves Le Roux, policy group lead at the (ISC)2 EMEA advisory board, who blogged about how “infosec professionals can help shape EU data protection”.
Governments have finally realised the importance of recognising and controlling information security risk. With the new draft data protection legislation the EU’s cyber security strategy has made its first steps towards addressing the risks that people and businesses face on a daily basis in today’s technology-dependent world.
Although the initiative is taking on a serious matter, it does not mean that legislators have the relevant experience and knowledge to understand the impact and response that may be needed.
The new legal framework will affect us all; therefore it is vital that everybody involved considers the influence of such legislation.
It’s a task of great significance, so the advising security professionals must get to know the legislation first. Once all aspects, including the overall intent as well as the actual measures, have been assessed, infosec pros may point out all infeasible elements and make suggestions.
All in all, “the job ahead for legislators, privacy and compliance professionals as well as technology and information security professionals is to understand the intent of what needs to be achieved , and then come together to understand the structures required to govern and properly manage the intent.”
To read the full article by Yves Le Roux visit Infosecurity Voice.