Strategies to protect data.

Includes data that is subject to regulatory requirements, such as personal data protected under laws like GDPR, health information covered by HIPAA, or financial data under PCI-DSS. Compliance with legal and regulatory standards it's crucial.

Regulated Data

Refers to the creations of the mind like inventions, artistic works, designs, etc. IP theft can result in significant economic loss and competitive disadvantage.

Intellectual Property

Law grants protections against unauthorized duplications of an original creative work. Protect creative expression of ideas or resources. Protection varies within 70 years, 95 years, and 120 years.

Intellectual Property - Copyrights

Protects brand identity like names, logos, and slogans that identify a company or product. Example: Nike “swoosh” logo and Apple name and logo

Intellectual Property - Trademarks

Protects the rights of inventors and their inventions. Basically protects an invention and how it functions. Owner has exclusive control of the invention for 20 years.

Intellectual Property - Patent

Any form of information, device, method, process, or formula that, if disclosed, will cause significant damage to an organization. Nondisclosure agreements (NDA) should be used to protect the information. Think krabby patty formula.

Intellectual Property - Trade Secrets

Encompasses information pertaining to legal matters, including case files, legal advice, and other sensitive legal documents. Breaches can compromise attorney – client privilege and case integrity.

Legal Information

Includes details about transactions, financial records, credit info, and other monetary data. It is the prime target for cyber crimes like fraud and identity theft. To protect this info, you should use encryption, secure, transaction, processing, and follow industry standards.

Financial Information

Data that is easily interpreted by humans, such as tax documents, images, and printed information.

Readable Data

Require a specific tools or software to interpret, like encrypted data, machine code, or log files.

Non-Human Readable Data

Both human readable data and non-human readable data require protection. Human readable data is susceptible to direct reading, while non-human readable data can be a target for cyber attack, aimed at description or misuse.

True

Help in determining the level of security controls and handling protocols that should be applied to various types of data including creation, usage, destruction. Remember the data owner determines the classification.

Data Classifications

Confidentiality, integrity, availability, sensitivity, criticality are all goals of?

Data Classification

The type of data classification are

Sensitive - Confidential - Public - Restricted - Private - Critical

Refers to the physical or geographical location of data. In terms of cyber security, it can have multiple implications, such as legal and regulatory, compliance, data latency, and performance, risk management, data sovereignty and privacy.

Geolocation

Means that data is subject to the laws and regulations of the country where it is stored or processed. Ex: A U.S. company stores data on servers in France. That data must follow French data laws, not just U.S. laws

Data Sovereignty

Which of the following are methods to secure data.

Geographic restrictions - Encryption - Hashing - Masking - Tokenization - Obfuscation - Segmentation - Permission restrictions