One of the core obligations that the new General Data Protection Regulation (GDPR) imposes to all businesses, including SMEs acting either as data controllers or data processors, is that of the security of personal data. In particular, according to GDPR security equally covers confidentiality, integrity and availability should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk).

With this regard, Small Business Standards (SBS) issued in 2017 the SME Guide on the implementation of ISO/IEC 27001 on Information Security Management, a ready-to-use document that helps SMEs in dealing with security issues in line with the concepts of worldwide recognised standards.

On 8^th October, SBS expert Fabio Guasconi will intervene during the workshop on security measures to present the contents of the SME Guide, which was developed by information security experts appointed by SMEs and cyber-security trade associations of various European countries and describes a series of practical activities that can significantly help with establishing or raising information security levels within an SME.

The event, co-organised by the European DIGITAL SME Alliance and the European Union Agency for Network and Information Security (ENISA) with the support of the Hellenic Data Protection Authority, will take place at the Crowne Plaza Hotel in Athens, Greece.

More information about the event can be found here.