4. Cybersecurity Compliance and Laws
Navigating the regulatory landscape is a core skill for cybersecurity professionals. This mind map covers the major frameworks and laws organisations must comply with.
Topics Covered
- GDPR: data protection, right to erasure, breach notification
- HIPAA: healthcare data security and privacy rules
- PCI DSS: payment card industry data security standard
- ISO 27001: information security management system
- NIST Cybersecurity Framework: identify, protect, detect, respond, recover
- SOX: financial data controls and audit requirements
- NIS2 Directive (EU 2024)
- Penalties and regulatory enforcement actions