ENISA issues recommendations for securing data using cryptography
Posted on 04 November 2013.
ENISA, the European Union’s “cyber security” Agency, launched a report recommending that all authorities should better promote cryptographic measure to safeguard personal data.


The report addresses ways to protect sensitive and/or personal data that has been acquired legitimately. The clear link between privacy and cryptography is underlined, demonstrating how the latter can play a role in protecting personal data and safeguarding legitimately collected sensitive or confidential data.

The report presents a mapping of security requirements for personal data and basic cryptographic techniques. It is noteworthy that information security measures and mechanisms can be deployed for the protection of personal data. However, information security does not cover all the issues regarding personal data protection and privacy.

Indeed, personal/sensitive data requires different protection measures in different stages of the lifecycle. Therefore, the report presents a short version of such a lifecycle description. The report also identifies security measures and an introduction to basic cryptographic techniques.

The report is complemented with a set of technical recommendations for algorithms, key sizes, parameters and protocols. The target audiences of these recommendations are system developers and maintenance engineers in commercial environments who are faced with the need to deploy or replace protective measures for data.

Amongst the top three findings and recommendations are:
  • The cryptographic measures are only one piece of a puzzle when referring to privacy and data protection. However, cryptographic measures can provide an important layer of protection for data protection, which may reduce the impact of breaches. The relevant stakeholders (Data Protection Authorities, EU Member States authorities, and service providers) should recommend users and others to implement security measures for protecting personal data, as well as rely on state-of-the-art solutions and configurations for this purpose.
  • Specialised personnel are needed for the correct implementation of updated cryptographic protective measures.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //