The Information Commissioner’s Office has just published a detailed Guide to Data Protection. It’s an excellent, well presented piece of work, though at 175 pages it’s not likely to be read from cover to cover. But as a useful, free reference document, I’d advise every security professional to download a copy.
Most managers require a broader view of the compliance space than a perspective on just one aspect of compliance or on the requirements in a single jurisdiction. Building up a library of references to many pieces of legislation however takes a fair bit of time, so any up-to-date compilations are very welcome. That’s why I was also pleased to see the publication of Stewart Room’s long awaited bible: Butterworth’s Data Security Law & Practice. Stewart’s book is expensive, but you get a lot for your money.
Stewart is also an evangelistic doomsayer, who for some time has been pointing out that we’re currently experiencing a ‘bear market’ in regulatory compliance in data protection. And he’s not wrong about that. Today’s compliance regime is mild compared to what’s waiting in the wings. It’s time for all of us to start raising our game in data loss prevention.