Globally, personal data breaches are at record levels. In 2017 identity theft, and related fraud cost $16 billion, affecting 6.7 million people, up 8% from 2016 (Javelin Strategy & Research, 2018). Generic cyber-attacks in APAC alone has cost an estimated $1.7 trillion in 2017 (Yu, 2018). The amount stolen is staggering; it's a multi-billion dollar "underground business" affecting everyone.
Governments, given such breaches and rampant wholesale data collection, are quickly creating robust legislation. Businesses, when faced with having to meet such evolving regulatory requirements, find it hard working out what to do; this is where this book excels. It explains what to focus on, when and why. Detailed are security, architectural and technical best practices based on real-world experience, combined with a PII focus - giving confidence that such sensitive information is handled correctly.
The book educates you on what PII is, how to recognise it and value it. Then it explains from first principals core security techniques and controls and how to apply them to your data processing system designs to ensure the PII is processed with the appropriate level of security focus. It provides practically minded ways to implement security and architecture to get the best outcomes.