Information Security and the Law

Choose one of the following topics, 1. “Ensuring compliance with the security obligations under the GDPR is a challenge for both cloud providers and their controller clients.” Critically discuss this statement. Indicate whether you agree with it or not. Provide specific support for your analysis from any relevant source. 2. Analyse how legal frameworks can create both direct and indirect incentives for entities to implement information security management systems. 3. Compare and contrast compliance with process information security standards and examine the role that both can play in promoting compliance with information security obligations. Footnoting is not required; in-text citations to references suffice.