One of the core obligations for all businesses, including SMEs, acting either as data controllers or data processors, in GDPR is that of the security of personal data. In particular, according to GDPR security equally covers confidentiality, integrity and availability and should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk).

The European DIGITAL SME Alliance, on behalf of cyberwatching.eu consortium, organises on 8^th October in Athens an SME workshop on security measures (article 32 GDPR). This cyberwatching.eu SME workshop is designed in collaboration with the European Union Agency for Network and Information Security (ENISA) and the support of the Hellenic Data Protection Authority.

In addition, Small Business Standards expert Fabio Guasconi will intervene during the event to present the SBS Guide on the implementation of ISO/IEC 27001 on Information Security Management. The Guide, which was developed by information security experts appointed by SMEs and cyber-security trade associations of various European countries, describes a series of practical activities that can significantly help with establishing or raising information security levels within an SME.

You can find more information on the event here

The Agenda: