Cybersecurity and Privacy Law Handbook

A beginner’s guide to dealing with privacy and security while keeping hackers at bay

Walter Rocchi

BIRMINGHAM—MUMBAI

Cybersecurity and Privacy Law Handbook

Copyright © 2022 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Mohd Riyan Khan

Publishing Product Manager: Khushboo Samkaria

Content Development Editor: Nihar Kapadia

Technical Editor: Arjun Varma

Copy Editor: Safis Editing

Project Coordinator: Deeksha Thakkar

Proofreader: Safis Editing

Indexer: Manju Arasan

Production Designer: Prashant Ghare

Marketing Coordinator: Ankita Bhonsle

First published: December 2022

Production reference: 1241122

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-80324-241-5

www.packt.com

To my children, Bianca, Maria, and Enrico, and to those who supported and believed in me.

– Walter Rocchi

Contributors

About the author

Walter Rocchi, with 24 years of activity and ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISA, CEH, and IAPP CIPP/E – CIPT certifications, is a seasoned freelancer and has acted as CISO and in similar roles for several companies, mostly in finance, retail, telecoms, utilities, Big Pharma, and government agencies. He has consulted with big corporations and funded start-ups and he’s always looking for new challenges.

He spends his free time reading, hiking, and enjoying his time with his two children. He’s also an avid blues listener and is addicted to TV series (especially Marvel and horror series).

I want to thank the people who have been close to me and supported me, especially Roberta Carolina Ainara Bermúdez, for her invaluable help in simplifying the GDPR for mere mortals. Moreover, thanks to Francesco Tonin, who always reminded me of the frameworks that needed to be mentioned. Finally, all the guys at Packt, who gave me the opportunity to write a book, especially my editor Nihar Kapadia, and Safis, for their patience in dealing with my poor examples.

About the reviewer

Francesco Tonin is a senior information technology professional and expert in IT audit, risk, and compliance with over 14 years of working in highly regulated markets such as financial services, insurance, and healthcare. He is broadly skilled in relation to cyber security, IT auditing, IT risk, and governance but also in relation to business process design, SAP FI, CO, and MM and data warehousing, and data analytics for audit and process improvement. He’s a certified professional (with CISA, CISM, ISO 27001LA, and CIPP/E for GDPR and Data Privacy certifications) and took part in a part-time master’s program focused on planning and control in corporate finance.