By: Palita2018
April 17, 2018

The Resilience of Critical Infrastructures


2.4 What to Protect Against - Cyber Threats

Wikipedia updated list:


2.5 Role and Responsibilities

For the ORGANIZATIONAL DATA SECURITY FUNDAMENTALS, the Senior / Chief Decision Makers include:

CEO: Decision maker (titolare in Italian)

CFO: Budgeting and finance

CIO: ensures support with its technical know-how

ISO: Risk analysis and mitigation

Steering Committee: defines the objective risks and how to deal with them

Auditor: evaluates the Business Processes of Security Systems

Data Owner: classifies the data

Data Custodian: deals day to day with the "maintenance of data"

Network Administrator: ensures the availability of network resources

Security Administrator: responsible for all the security and associated tasks, with particular regard to "Confidentiality and Integrity". It would always be advisable to appoint a press officer.

2.5.1 DPO Data Protection Officer

European legislation has introduced new mandatory roles for the protection of personal data. Under art. 37 GDPR, appointing a DPO is mandatory for the PA (Public Administration), without exceptions; where the processing requires regular and systematic monitoring of data on a large scale; and where the processing involves, on a large scale, sensitive personal data (Article 9) or data relating to criminal convictions and offenses referred to in Article 10. The DPO must act in the interests of the data subjects and of the entire community, not only of the CEO. Even where appointing a DPO is not mandatory, because the infrastructure does not fall within the cases covered by the Regulation, once the CEO has appointed a DPO the rules set out in art. 37-39 of the GDPR must, in any case, be fully applied.

2.5.2 SLO Security Liaison Officer

The owner of the ICE (European critical infrastructure) and the party responsible for its operation must, within 30 days of its designation as an ICE, appoint a security liaison officer and the SLO. Together they formulate the PSO (Strategic Operational Plan), to be drawn up in compliance with the minimum parameters agreed in the EU Community, Annex B of Legislative Decree 62/2001.

2.5.3 Actors schema of Italian Act 196/2003

[Figure: Actors schema of Italian Act 196/2003]
