YEAR: 2017 | ISSUE: 4 | PUBLISHED: 18.12.2017
These articles were subject to peer-to-peer review.
Interview with national CERT teams
We asked the representatives of the CZ.NIC and GovCERT.CZ organizations about their stances and opinions on various topics like legislation, evaluation of one another or international coope-ration. The questions are structured to allow a direct comparison of the views of both entities on the given subject.
DSM | page 6
Bashware in Windows 10
This article provides an independent view to the attack method called bashware. It describes the principle and the phases of the attack. It includes the detection test of the three most common antivirus software.
DSM | page 12
Endpoint protection in the age of cloud
It might seem that the importance of endpoint protection is nowadays descending - especially with adoption of systems, which save the data elsewhere. The article is focused on role of end-point in a context of overall data security. It discusses the influencing factors and summarizes the common trends.
DSM | page 17
Act on Cyber Security in new version
Lukáš Kintr, Martin Konečný
In previous articles, we introduced a new directive of the European Union, NIS Directive and some changes to the definitions and obligate entities that this directive reflected in the draft amendment to the Act on Cyber Security. However, this article provides up-to-date information on the already effective version of the revised Cyber Law and outlines other news related to the amendment.
DSM | page 21
About ePrivacy Regulation
This January, the ePrivacy Regulation (ePR) was launched, which should begin to apply at the same time as GDPR on May 25, 2018. The article attempts to explain how ePR and GDPR relate to each other. The focus in our article was put on the most important aspects of ePR – the area of unsolicited marketing, cookies and confdentiality.
DSM | page 26
Preparation for GDPR in practise – Part III.
In this part of the series, we move on to the next two steps that cover the analytical part of the implementation project. That means an assessment of the differences between current and required status - GAP analysis and GDPR impact assessment on individual areas of the DPO's activities and design of the measures to ensure compliance with GDPR - impact analysis.
DSM | page 29
Case study – Implementation of GDPR in ČSOB
In this case study we will get familiar with the process of implementation of GDPR in ČSOB bank. The article describes experience with practical implementation and covers topics such as client agreements, data governance, interaction with data subjects or revision of information systems and applications. In the conclusion, the reader is offered some recommendations to ensure the success of GDPR implementation.
DSM | page 32
Report from Cyber Coalition 2017
This report from one of the largest international cyber security exercise offers an authentic view of its course through the eyes of a direct participant. Are you wondering what traps are laid for the participants, how are these exercises conceived or what hides behind the not much--revealing press releases? The article contains both a description of the plot of the exercise and its detailed technical analysis.
DSM | page 35