DATA SECURITY MANAGEMENT ARCHIVE

Browse an archive of past issues of our magazine


DSM 2020/2

Main topic: Interview with the director of NÚKIB, ISO 27701, penetration testing, Data Subject Access Rights

ISSUE DATE: 25.6.2020 

PUBLISHED: 25.6.2020

rr These articles were subject to peer-to-peer review.


Interview with Karel Řehka

Daniela Seigová
Brigadier General Karel Řehka was appointed director of the National Cyber and Information Security Agency (NÚKIB) on 20 March 2020. In the first of two parts of the interview, he answers questions about his vision for the future, applying his experience from military missions in the new role, managing NÚKIB's financial resources, and much more.

DSM | page 7

Enhancing the security of PKI with blockchain technology rr

Yehor Safonov
This article discusses the possibility of enhancing the security of the classic Public Key Infrastructure (PKI) model by applying revolutionary blockchain technology. In the first part, the author explains the principles of the classical PKI system, which is based on trust in certificate authorities (CAs), and of the Certificate Transparency (CT) solution introduced by Google. The author presents the security problems and risks of these models and outlines possible defenses against sophisticated attackers. The second part focuses on blockchain technology and its integration with PKI. The text compares existing blockchain PKI models, with a focus on the CertLedger solution, which can be successfully applied to enhance the security of PKI.

DSM | page 11

A challenge called DSAR: what the request for access to personal data means for the administrator – part I. rr

Petra Věžníková
The article deals with the data subject's right to access their personal data and to obtain a copy thereof (according to Art. 15 GDPR). The first part of the article, contained in this edition, gives an overview of the substantive aspects of the right of access from the perspective of the data controller (content and scope of the right) and provides examples of sanctions imposed for non-compliance with GDPR in handling access requests.

DSM | page 17

DevOps – part VIII. rr

Vladimír Kufner
This last article of the DevOps series summarizes the previous articles and reflects on possible future trends in DevOps. It describes the current status of DevOps and names companies that use it. It recommends the companies most active in DevOps transformations and summarizes DevOps websites and associated companies.

DSM | page 21

Václav Stupka, Jakub Vostoupal
This article deals with the European framework for cybersecurity certification and with the changes this new EU legislation shall bring. It explains what certification is, how the certification framework is supposed to function, and which institutions are responsible for it, and finally it introduces the certification procedure itself.

DSM | page 25

Penetration testing – part I. rr

Michel Quiroz
This article covers the basics of a penetration test and informs the reader about key details of this type of IT security practice. It covers the general approach, process, and industry standards, and defines multiple different aspects of a penetration test. Further explanation corrects common misunderstandings about the differences between penetration tests and vulnerability scans or red team exercises. As the first article in a series, it provides the reader with a foundation in penetration testing to build upon in future articles.

DSM | page 30

Cyberwar is coming. How does the preparation look from the hacker's perspective? rr

Daniel Hejda
If we were on the brink of a cyberwar, how would the preparation look from the hacker's perspective? Find out how attackers think and what activities precede the attack itself. This article explains why the preparation phase is crucial and why it is accurate to compare attackers to strategists or chess players.

DSM | page 34

ISO 27701: an alternative to the GDPR certification rr

Petr Šimsa
The article introduces the standard ISO/IEC 27701: Privacy Information Management System. It describes the basic differences compared to ISO 27001 and introduces possible uses of the standard, including as an alternative to GDPR certification.

DSM | page 42

Responses to questions about a law amendment concerning providing cyber protection for the Czech Republic

The currently widely discussed law amendment concerning providing cyber protection for the Czech Republic has brought many controversial opinions and some disinformation to public attention. We therefore decided to create five comprehensive questions and send them to several public figures, specialists and experts to give them a fair chance to express their opinion and make a clear statement. This article offers the collected answers.

DSM | page 46

SECTIONS
- Virus section DSM | page 54
- Standards and publications DSM | page 55
- News from partner companies DSM | page 56
- Legal advice DSM | page 57
- Management summary DSM | page 60
- Colophon DSM | page 62
