A Reference Manual for Data Privacy Laws and Cyber Frameworks

As the world is becoming more digital and intertwined together, the Cybersecurity Threat Landscape has no doubt become a daunting one for sure. For example, old style Threat Variants of the past, especially that of Phishing, has now become much more sophisticated and covert in nature. A lot of this has been brought on by the explosion of Ransomware, when it exploded during the COVID-19 pandemic. But there is yet another concern that is looming on the horizon: Data Privacy. Now, more than ever before, consumers on a global basis want to know what exactly is happening to their Personal Identifiable Information (PII) Datasets.

Examples of what they want to know about include the following:

• What kinds and types of information and data is being collected about them
• How those PII Datasets are being stored, processed, and transacted
• How their PII Datasets are being used by Third Suppliers

In response to these concerns and fears, as well as the Cyber Risks that are posed with these Datasets, many nations around the world have set up rather exhaustive and very detailed Data Privacy Laws. In their respective tenets and provisions, these pieces of Legislation not only spell out why and how businesses need to compliance with them, but the rights that are afforded to each and every consumer. In this book we detail the tenets and provisions of three key Data Privacy Laws:

• The GDPR
• The CCPA
• The CMMC

We also provide a general framework at the end as to how a business can come into compliance with these various Data Privacy Laws.

Also, we first provide an in depth overview of the importance of Data and Datasets, and how they are so relevant to these Data Privacy Laws just mentioned.