The National Data Protection Commission (CNPD) recently published its Guideline/2023/1 on organizational and security measures applicable to the processing of personal data in response to multiple attacks on information systems, including phishing, malware and ransomware, occurring with increasing frequency, size and complexity, affecting personal data.
The technical and organizational measures recommended by the CNPD are directed to those responsible for the processing of personal data and processors subcontracted, with aim to provide the processing of data with a level of security appropriate to the risk, with the capacityfor confidentiality, integrity, availability and resilience ofprocessing systems and services, including, for example, internal policies, procedures, equipment and infrastructure.
To access the full article, download the PDF below.