Don’t Tell Them now (or at all) – Responsible Disclosure of Security Incidents under NIS Directive and GDPR

SCHMITZ, Sandra; SCHIFFNER, Stefan

doi:10.1080/13600869.2021.1885103

Demander un accès

Article (Périodiques scientifiques)

Don’t Tell Them now (or at all) – Responsible Disclosure of Security Incidents under NIS Directive and GDPR

SCHMITZ, Sandra; SCHIFFNER, Stefan

2021 • In International Review of Law, Computers and Technology, 35 (2)

Peer reviewed vérifié par ORBi

Permalien
https://hdl.handle.net/10993/46908

DOI
10.1080/13600869.2021.1885103

Documents (1)Envoyer vers Détails Statistiques Bibliographie Publications similaires

Documents

Texte intégral

Don t tell them now or at all responsible disclosure of security incidents under NIS Directive and GDPR-1.pdf

Postprint Éditeur (1.36 MB)

Demander un accès

Tous les documents dans ORBilu sont protégés par une licence d'utilisation.

Envoyer vers

RIS BibTex APA Chicago Permalink X Linkedin

Détails

Mots-clés :

Privacy; Cybersecurity; NIS Directive; GDPR

Disciplines :

Droit, criminologie & sciences politiques: Multidisciplinaire, généralités & autres

Auteur, co-auteur :

SCHMITZ, Sandra ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Cole

SCHIFFNER, Stefan ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Engel

Co-auteurs externes :

Langue du document :

Anglais

Titre :

Don’t Tell Them now (or at all) – Responsible Disclosure of Security Incidents under NIS Directive and GDPR

Date de publication/diffusion :

2021

Titre du périodique :

International Review of Law, Computers and Technology

ISSN :

1360-0869

eISSN :

1364-6885

Maison d'édition :

Carfax Publishing, Royaume-Uni

Volume/Tome :

Fascicule/Saison :

Peer reviewed :

Peer reviewed vérifié par ORBi

Focus Area :

Law / European Law

Projet FnR :

FNR12639666 - The Eu Nis Directive: Enhancing Cybersecurity Across Vital Business Sectors (Encavibs), 2018 (01/09/2019-31/08/2022) - Mark Cole

Disponible sur ORBilu :

depuis le 24 avril 2021

Statistiques

Nombre de vues

275 (dont 7 Unilu)

Nombre de téléchargements

22 (dont 6 Unilu)

Voir plus de statistiques

citations Scopus^®

citations Scopus^®
sans auto-citations

OpenCitations

citations OpenAlex

Bibliographie

Art. 29 Data Protection Working Party. 2017. “Guidelines on the Application and Setting of Administrative Fines for the Purposes of the Regulation 2016/679”. WP 253.
Art. 29 Data Protection Working Party. 2018. “Guidelines on Personal Data Breach Notification Under Regulation 2016/679”. WP250 rev.01.
Cichonski, P., T., Millar, T., Grance, and K., Scarfone. 2012. “NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide Recommendations”. NIST Special Publication. doi: 10.6028/NIST.SP.800-61r2.
ENISA. 2017. “Incident Notification for DSPs in the context of the NIS Directive”. https://www.enisa.europa.eu/publications/incident-notification-for-dsps-in-the-context-of-the-nis-directive/at_download/fullReport.
European Banking Federation. 2020. “EBF Position on Cyber Incident Reporting”. https://www.ebf.eu/wp-content/uploads/2020/06/EBF-position-paper-on-cyber-incident-reporting_annex-on-FLIIS.pdf.
European Commission. 2020. “Proposal for a Directive of the European Parliament and of the Council on Measures for a High Common Level of Cybersecurity Across the Union, Repealing Directive (EU) 2016/1148”. COM(2020) 823 Final.
Halevi, T., N., Memon, and O., Nov. 2015. “Spear-Phishing in the Wild: A Real-World Study of Personality, Phishing Self-efficacy and Vulnerability to Spear-Phishing Attacks”. doi: 10.2139/ssrn.2544742.
Hansen, M., M., Jensen, and M., Rost. 2015. “Protection Goals for Privacy Engineering”. IEEE Security and Privacy Workshops. https://ieeexplore.ieee.org/document/7163220.
Laue, P., 2019. “ Art. 34 DSGVO.” In Recht der elektronischen Medien, edited by G., Spindler and F., Schuster. München: C.H. Beck.
Martini, M., 2018. “ Art. 33 DSGVO.” In Beck’sche Kompakt-Kommentare, Datenschutz-Grundverordnung Bundesdatenschutzgesetz, edited by B., Paal and D., Pauly. München: C.H. Beck.
NIS Cooperation Group. 2018. “Reference Document on Incident Notification for Operators of Essential Services”. CG Publication 02/2018. https://ec.europa.eu/information_society/newsroom/image/document/2018-30/reference_document_incident_reporting_00A3C6D5-9BDB-23AA-240AF504DA77F0A6_53644.pdf.
Uwer, D., 2020. “ § 29 BDSG.” In Beck’scher Online-Kommentar Datenschutzrecht, edited by S., Brink and H. A., Wolff. München: C.H. Beck.
Weulen Kranenbarg, M., T. J., Holt, and J., van der Ham. 2018. “Don’t Shoot the Messenger! A Criminological and Computer Science Perspective on Coordinated Vulnerability Disclosure”. 7 Crime Science 16. doi: 10.1186/s40163-018-0090-8.