![CNPD Guideline on organizational and security measures](https://www.cuatrecasas.com/images/cache/publication_detail/resources/textures-44-63d7d2196b81d538282686.jpg)
Key aspects
- The National Commission for Data Protection (CNPD) approved its first guideline (Guideline) for 2023 on organizational and security measures for personal data processing.
- The attacks are mainly due to (i) infrastructural weaknesses; (ii) users not being trained to detect phishing campaigns; and (iii) data controllers’ lack of awareness of the risks to data subjects' rights, caused by the lack of investment in security mechanisms.