Early in 2021 I was invited to give a one-hour presentation on Data Protection and Incident Response, looking at how the demands of the two fields align and support each other, and how law and guidance have come to recognise that over the past decade or so.
Incident Response and GDPR: slides
Discussion at that event gave me a better way of thinking about information sharing
Information Sharing and NIS2D: slides
If you’d like to know more, look at the incident response tag on this blog, or read my peer-reviewed papers:
- Incident Response: Protecting Individual Rights Under the General Data Protection Regulation
- Processing Data to Protect Data: Resolving the Breach Detection Paradox
NISD2: A Common Framework for Information Sharing Among Network Defenders