Rothstein Publishing; Rothstein.com; ebook; 233 pages; $14.74.
Noted cybersecurity lawyer Mark Rasch is credited with saying, "The rule is, 'if it moves, sue it…If it doesn't move, move it, then sue it.'" In today's litigious society, it's almost inevitable that a person or enterprise will be sued.
In The Manager's Guide to Cyber-security Law: Essentials for Today's Business, author Tari Schreider provides a helpful resource that can help IT managers stay on the correct side of the myriad cybersecurity laws. While the author is not a lawyer, he does a good job in showing the reader what due diligence requirements must be taken to protect data under their control.
The book covers a lot in a little over 200 pages, including topics such as regulations, jurisdiction, U.S. laws addressing computer security, and digital forensics law. In addition to listing a number of high-profile cases and lessons that can be learned from them, it also includes several helpful checklists.
Each topic is covered in a few paragraphs, so this is certainly not a comprehensive guide. That said, it offers external links for further information. For those in IT looking for a quick and thorough introduction to cybersecurity law, this useful guide can help them comply with cybersecurity law rather than break it.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), PCI QSA (Qualified Security Assessor), is a principal eGRC consultant with the Nettitude Group.