Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practices

About

Features

• Ideal for all students studying the privacy aspects of cybersecurity
• Includes full sections on planning for privacy, identifying and understanding threats, applying modern privacy technologies, and understanding evolving legal and regulatory requirements (including GDPR)
• Reflects best practices and widely-accepted standards, and supports key Human Security elements of Cybersecurity Curricula 2017 (CSEC2017)
• Multiple learning features promote rapid access and mastery: from clear learning objectives and glossary definitions to QR weblinks and a frequently updated website
• Ancillary resources, including lecture slides, provide instructors ample support in integrating this text 
• By William Stallings, 13-time winner of the prestigious TAA Computer Science Textbook of the Year Award

Description

Organizations of all kinds are recognizing the crucial importance of protecting privacy. Their customers, employees, and other stakeholders demand it. Today, failures to safeguard privacy can destroy organizational reputations — and even the organizations themselves. But implementing effective privacy protection is difficult, and there are few comprehensive resources for those tasked with doing so. In Information Privacy Engineering and Privacy by Design, renowned information technology author William Stallings brings together the comprehensive and practical guidance you need to succeed. Stallings shows how to apply today’s consensus best practices and widely-accepted standards documents in your environment, leveraging policy, procedures, and technology to meet legal and regulatory requirements and protect everyone who depends on you. Like Stallings’ other award-winning texts, this guide is designed to help readers quickly find the information and gain the mastery needed to implement effective privacy. Coverage includes:

• Planning for privacy: approaches for managing and controlling the privacy control function; how to define your IT environment’s requirements; and how to develop appropriate policies and procedures for it
• Privacy threats: Understanding and identifying the full range of threats to privacy in information collection, storage, processing, access, and dissemination
• Information privacy technology: Satisfying the privacy requirements you’ve defined by using technical controls, privacy policies, employee awareness, acceptable use policies, and other techniques
• Legal and regulatory requirements: Understanding GDPR as well as the current spectrum of U.S. privacy regulations, with insight for mapping regulatory requirements to IT actions

Sample Content

Table of Contents

Part I: Planning for Privacy1. Information Privacy Concepts2. Security Governance and Management3. Risk Assessment
Part II: Privacy Threats4. Information Storage and Processing5. Information Collection and Dissemination6. Intrusion and Interference
Part III: Information Privacy Technology7. Basic Privacy Controls8. Privacy Enhancing Technology9. Data Loss Prevention10. Online Privacy11. Detection of Conflicts In Security Policies12. Privacy Evaluation
Part IV: Information Privacy Regulations13. GDPR14. U.S. Privacy Laws and Regulations

Updates

Submit Errata