Really great videos and a quick way to refresh the book content one has read. Thank you for providing these free videos. Appreciate your work.
Glad you like them! Good luck on the exam! 👍
Thanks for the video. Just to confirm, Privacy Shield still works/exists?
After 175 questions, I am pleased to announce that I provisionally passed the CISSP today. May God continue to bless you and everything you do and if I can donate, help, or support your vision and generosity in any way, please let me know. I will be more than happy to help. Take care!
Glad the series was helpful! CONGRATULATIONS! 🏆🎉🌟
Today I passed CISSP. Your videos helped me for last week revision. Thank you so much
Glad to hear that! Congratulations! 🏆🎉
Thank you for all of the courses and effort you have put into creating them. Your videos on CISSP are my favourite study material. Very clear!
So glad to hear that! GOOD LUCK ON YOUR EXAM! 🍀🤞👍
Hello, I think there is a mistake regarding data breach notification (29:10). It's not 24 hours but 72 hours as far as I know.
Indeed, and I call this out in another comment. There's actually a GDPR wrinkle in the UK where they have a 24-hour requirement in some cases, but the broader EU requirement is 72 hours. Thank you for taking time to comment Antony. Good luck on the exam!
Just one correction I would make - slides say GDPR notification requirement is 24 hours - looked it up, it's 72 hours. Had a practice question on it, which is why I double-checked.
That's right (I quoted a UK variant in this video in error). This bit of errata was captured and corrected in the full course I released here on YouTube a few months ago - "CISSP Exam Cram (Full Course)" - th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
Hi, useful video. At 29:29, GDPR notice, it should be 72 hrs, not 24 hours?
I believe both are correct actually, but this detail is very unlikely to appear on the exam. Depending on the circumstances, the breach notification regulation provides for both the initial notification (24 hours) and full notification to follow (72 hours) if all details are not available. However, I suspect some sources you'll find may only mention the second figure. For the exam, I'd focus more on the details I highlighted.
Sarbanes-Oxley Act? SOX is not important? Saw some questions in OSG practice exams.
Those in the video are pretty commonly cited as most important for this exam. If SOX shows up, expect it would most likely be a distractor / wrong answer. While fairly complex, it is a law that applies to publicly traded companies, meant to protect investors from fraudulent accounting activities by corporations. Good description of SOX here if you're interested: www.upguard.com/blog/sox-compliance#toc-1. The laws in this video (and the exam) tend to focus more on data privacy and security, and reporting requirements in the event of a breach.
@@InsideCloudAndSecurity Thanks
Hi, just want to confirm: the data breach communication timeline is 72 hrs or 24 hrs? Thanks
Here's the detail: For GDPR (Article 33), in the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it (the likely exam scenario). Under the UK GDPR docs, there are scenarios where notification must still be done within 24 hours (according to ico.org.uk/). See the full article below that details the collective 72 hour / 24 hour considerations. ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/
@@InsideCloudAndSecurity Thanks a ton for such a detailed response.
For the exam though, GDPR breach notification timeline would be 72 hrs, right?
Great video - thank you for taking the time to help us! 👍🏾
Thanks Derek. 😉
GDPR data breach notification to authorities should be no less than 72* hours
Yes, this is called out in the errata below the video and updated in new release coming tomorrow. I deal with a special UK situation where GDPR reporting requirement is 24 hours, and was unfortunately top-of-mind when I recorded this.😒
Excellent content, much thanks!
Glad you liked it! Good luck on the exam! 🏆🎉🌟
Isn't COPPA only applicable to ages below 13 years?
Yes, to children below age 13. For the exam, focus on the fact that it protects children.
Great video.
Thanks so much
Glad you like it. Make sure you have a look at my full course, which includes my latest updates across all 8 domains. Good luck! 🍀🤞 th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
I thought with GDPR you must notify the breach within 72 hours not 24?
It is. Early in the content development cycle, I cited a UK provision in error (mentioned in comments). I corrected it in the full course at this timestamp - th-cam.com/video/_nyZhYnCNLA/w-d-xo.htmlsi=bar9AQFvfVCdX0Si&t=5945
Thank you, I think GDPR breach reporting is 72 hours not 24 hours.
Correct, and this has been corrected in the CCSP Exam Cram - Full Course HERE (th-cam.com/video/_nyZhYnCNLA/w-d-xo.htmlsi=EgrAxRtDA-Y6nHj3&t=5018). I cited a UK provision here in error early in the series dev cycle.
Unsure if you'll see this any time soon, but isn't the time to report for GDPR 72 hours? I've done some googling and I'm not seeing 24 hours listed anywhere from trusted sources. Specifically Article 33 of GDPR.
Brice, yes, it's actually 72 hours (except in a particular situation that won't come up on the exam). This bit of errata in this video was captured in errata and corrected in the full course at th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
@@InsideCloudAndSecurity Gotcha, thank you. Also, in your reply you said it's actually 24 hours, I'm assuming you meant 72? lol. Appreciate the quick reply, I've really been enjoying your videos. They are incredibly helpful for someone who can't sit down and get through a book.
@@Jonesy01 Oh my, the effects of multi-tasking. Yes, edited my previous answer to you. 🤦‍♂️
@@InsideCloudAndSecurity You rock, sir
Great video. Thanks so much for the value 🙏
Anytime. Happy to help. Good luck on the exam! 🍀🤞
GDPR - Data breach notification - 72 hours! Not 24.
Called out in comments/course errata and corrected to 72 hours in the full course at - "CISSP Exam Cram Full Course (All 8 Domains)" th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
Really helpful. Thanks ever so much.
Glad it was helpful! Good luck on the exam! 🤞🍀
I love these videos. One small note though: in this video you define PHI with two different words for ‘p’ - and you do it on a single slide!
Ah sorry, HIPAA language does this and I didn't notice. HIPAA Privacy Rule provides federal protections for PERSONAL Health Information, which through the regulation is thus PROTECTED Health Information. See this page on the Health and Human Services site and you'll see what I mean! - www.hhs.gov/answers/hipaa/what-is-phi/index.html
Thank you!!!
20 videos into my CISSP series, I'd love to hear any suggestions for additional topics if anything more I can cover. 💡
Great
👍