Choose your location?
  • Global Global
  • Australian flag Australia
  • French flag France
  • German flag Germany
  • Irish flag Ireland
  • Italian flag Italy
  • Polish flag Poland
  • Qatar flag Qatar
  • Spanish flag Spain
  • UAE flag UAE
  • UK flag UK

Navigating ISO standards for operational data protection and cyber security

16 July 2024
On the 27 June 2024, DWF's Data Protection & Cyber Security team held their latest Breakfast Briefing, with Global Head Stewart Room leading the exploration into the importance of International Organisation for Standardization (ISO) standards within the legal framework. 

ISO standards represent the consensus of expert opinion, providing critical insights into how controls for data protection and cyber security can be operationalised in business. Despite being frequently overlooked by lawyers, they are often baked into legislation (e.g., NIS 2018 and DORA 2022), supporting regulatory guidance (e.g., for the GDPR) and in case law dealing with matters related to technical duties. Trends identified by DWF suggest that ISO standards will play an increasingly important role in determining regulatory enforcement results and outcomes in court.  Therefore, it is vital that our clients understand them.

The insights provided by our senior team of data protection and cyber security experts shed light on a number of complex ISO standards, including for risk assessments; design of management systems; privacy by design; protection against re-identification attacks; supply chain risk management; and incident management and response.

This snapshot of international standards gave our attendees a vision of the future of data protection and cyber security law. By encouraging our clients to consider ISO standards, we hope to equip them with the foresight to navigate the ever-changing landscape of the law.

Our next session will take place in London on 25 July and will discuss the impact of recent CJEU decisions on data protection.

If you are interested in attending this and future events at the forefront of data protection and cyber security discourse, please register your interest with one of our team, or send us an email at dpcs@dwf.law.

If you are interested in attending and being part of our next event, please let us know by registering your interest with your usual DWF Data Protection & Cyber Security contact or by sending an email to dpcs@dwf.law.

Further Reading