Write review on this. Today in order to make face the increasing rate of data breaches in the companies, there is widespread agreement about the interests of participants in protection of privacy, and the corresponding duties of CTO to treat personal information in a confidential manner.
A strong security posture and implementation of a comprehensive privacy and data security plan is the single most effective measure that companies can employ to mitigate the significant costs of remediating a data breach.
Companies would be wise to consider the following suggestions to create an effective privacy, compliance and data protection plan or to revise an existing plan to account for changing laws, regulatory requirements and technological developments.
An important first step is to understand what type of information is being collected and what requirements applicable laws, regulations and other internal compliance policies impose.
In fact we have to identify the types of information collected and the tenet of data processing.
According to David Kim and Salomon, in Fundamental of Information and Security System about data classification standards, P. 43 "The following points define the U.S. federal government data classification standards.
Top secret- Apply to information that the classifying authority finds would cause grave damage to national security if it were disclosed.
Secret- Applies to information that the classifying authority finds would cause serious damage to national security if it were disclosed.
Confidential- Apply to information that the classifying authority finds would cause damage to national security".
It's important to distinguish between information that should be made public and that which should be kept private.
Few people would want to go to a counselor or pastor who supposed to maintain confidentiality. And yet, those advisors have to gauge when information needs to be shared, even if the other person doesn't want it to be.
The book of Proverbs, which extolls the virtues of wisdom, also encourages discretion more than two times in the first five chapters, In Proverbs 2:1 and 5:2 (EVS) it states that "My son, do not lose sight of these keep sound wisdom and discretion ", "You may keep discretion and your lips may guard your knowledge."
These information try depict how important are users awareness. As we can notice that in Networks and Security -John Vacca, P.19 according to the European network and Information Security Agency, "Awareness of the risk and available safeguards is the first line of defense for security of information systems and network".
Networks and Security System Second Edition - John Vacca
Fundamentals of information System Security Third Edition