Social Media: Impact and Implications for Corporate PrivacyRead more >
After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Personal data of individuals – consumers and employees – is in constant motion across international borders. Nonetheless, existing privacy laws purport to prohibit organizations in many countries from transferring data to another jurisdiction in the absence of adherence to various legal frameworks or contractual mechanisms designed to enhance the protection of personal data.
Those legal frameworks suffered a blow last year when the European Court of Justice struck down the 15 year old Safe Harbor Framework. A year later, the EU-US Privacy Shield Framework has been approved as a replacement, and many companies have begun to certify, but the new Framework remains subject to potential legal challenge. Other European data transfer mechanisms – standard contractual clauses and Binding Corporate Rules – are also subject to legal challenge. And other jurisdictions around the globe in South America, Asia and elsewhere, are imposing restrictions on the transfer or personal data and in some cases even calling for data localization. Yet, data continues to flow in real-time.
What does it mean in the real world? What are the real risks for multinational data owners and for service providers that process data of such data controllers? This presentation will distinguish fact from fiction and provide practical tools for companies that are struggling (understandably) to wrap their virtual arms around the world.
eDiscovery can be expensive, risky, complex—and expensive again. For companies dealing with massive amounts of data in litigation, it’s not unusual to see budgets quickly overwhelmed by burdensome discovery requirements, endless vendor bills, and outside counsel who fail to make efficiency a concern, let alone a priority. But it doesn’t have to be this way.
A comprehensive corporate eDiscovery program can reduce discovery costs by tens of millions of dollars—or more.
Join us for this upcoming webinar featuring experts who have saved companies millions.
Attendees will learn:
- The characteristics of a cost-effective eDiscovery program
- Strategies for active litigation management
- The role of information governance in reducing corporate legal spend
- How outside counsel can contribute to corporate cost savings
Wayne Matus, Matus Consulting Group LLC: Wayne Matus is a litigation partner & managing director with extensive experience in litigation, investigations and compliance, adept at solving eDiscovery, privacy & data related problems for organizations large & small. Prior to launching Matus Consulting Group LLC, Wayne revolutionized the eDiscovery process at UBS, reducing eDiscovery costs by tens of milions of dollars.
Bill McManus, Partner at Cosmich Simmons & Brown. Bill is an experienced litigator & corporate counsel with specialized expertise in eDiscovery, information management, & more. Bill’s practice focused on utilizing dedicated teams of attorneys & leveraging technology to streamline legal processes with predictable pricing & predictable & defensible outcomes.
Ron Sotak, Director of e-Discovery at Cosmich, Simmons & Brown, where manages a specialized team of document review attorneys within the firm’s Strategic Business Solutions practice group. Ron has worked with Corporate & merits counsel to develop custom workflows utilizing state-of-the-art technologies in hundreds of document review projects.
Join top security, privacy and risk experts for an interactive Q&A discussion to learn more about:
- Is privacy the new marketing gold
- How to build your privacy and data security compliance programs
- Should you hire a Data Protection Officer
- Breaches, data leaks and notifications
- Recommendations for improving security and safeguarding privacy beyond GDPR's deadline day
- Debra J. Farber, Sr. Director of Privacy Strategy, BigID
- Others TBA
The session is being brought to you in partnership with ITSPmagazine and will be streamed LIVE from Las Vegas during Black Hat.
Featuring Timothy Edgar, former national security and intelligence official, cybersecurity expert, privacy attorney and civil liberties activist; and Brett Dorr, Director of Solutions Engineering at Virtru.
You've got until May 25, 2018 to comply with GDPR guidelines. Are your email and file sharing systems ready?
In this session, privacy attorney Timothy Edgar and data protection advisor Brett Dorr will provide valuable insights and actionable advice to help you ensure you’re prepared.
Join us, to understand the relevant areas of concern — especially if you are considering or have already made a move to the cloud.
Attend this webinar to learn:
- How GDPR affects all companies doing business in the EU
- Why email protection is important in GDPR
- Key areas related to data protection for emails and files
- What GDPR says specifically about encryption, key management, and access control
- Technical solutions to help you enable compliance when exchanging personal data by email
We’re looking forward to answering your GDPR data protection questions.
Data privacy isn’t an easy task, you need to ensure the security of sensitive information while complying with a variety of regulations. But data privacy never ends and the laws are constantly changing. The answer? A data-centric security strategy covers all corporate data, so you can connect everyone to everything while staying in complete control. The challenge? Knowing where all your mainframe data is located, how it’s being used, who has access to it, and whether it’s compliant with industry regulations.
Join Stuart McIrvine, Vice President of Mainframe Security Product Management to cover the foundation of building data-centric security strategies that cover all corporate data, simplify regulatory compliance, and outline how to leverage security as a competitive advantage, from mobile to mainframe.
Employees leave organizations each year, but did your sensitive data leave with them? Osterman Research found that 39% of companies are not sure that they have recovered all corporate data assets, posing a significant risk in terms of data breach, regulatory and compliance implications, while leaving IT trying to locate and contain sensitive information.
This presentation with Michael Osterman, president of Osterman Research, as he shares new research, and Drew Nielsen, Director of Enterprise Security, Druva. Key learnings include:
* Understanding your organization's data vulnerabilities for data exfiltration
* Recommended technologies, policies, and procedures to protect critical information
* Preparation that can save IT time from potential audits, investigations or litigation
We are all concerned about Privacy. Every day there we hear about multiple PII breach announcements. Our current solution – lets create laws to require announcements and levy fines to encourage proper activities and protections. With GDPR looming on the horizon, as the most recent and perhaps the most comprehensive regulation yet, we find ourselves wondering if others will adopt similar regulations. If so, do we as security professionals need to be concerned about our ability to perform forensic analysis, and gather information outside of our realm of direct influence to identifier a hacker? Do elements of GDPR create a situation in which hunting for a hacker might violate their privacy rights? In the end will companies still be able to monitor and protect their assets as they do today, or will it require a change? This webinar will provide insight into the Privacy vs Security Debate.Read more >
In the age of the customer and data hacks a brand’s reputation can come down to their ability to protect customer data. The transparency that will develop between brand and consumer with the upcoming General Data Protection Regulation (GDPR) will provide organizations with an opportunity to empower and build trust with their customer.
Armed with a unified and single view of the customer, brands will be able to truly personalize the customer journey while maintaining compliance and securing customer data.
Hear from Lewis Barr and David Fowler as they discuss how to turn the GDPR into business opportunity while focusing on the following topics:
- Heightened consent requirements and consent lifecycle management
- Expanded privacy notice requirements
- Data subject access rights (SARs) and fulfillment requirements
- Business exposure and liability for failing to meet these GDPR requirements
- Practical next steps to achieve operational readiness
About the Presenters:
Lewis manages Janrain’s legal compliance and privacy functions as the company continues its international expansion. He brings more than 15 years of leadership in a wide range of legal and privacy-related matters for growing technology companies. Lewis also utilizes his diverse background as a litigator in private practice, federal appeals court staff attorney, and teacher.
David is the Head of Digital Compliance at Act-On Software and is responsible for all issues pertaining to digital compliance, including email deliverability, privacy compliance, and industry stewardship in regard to our customers and our corporate objectives. David has over 20 years’ experience providing senior leadership in the marketing industry. In the last nine years, he has been strictly focused on issues associated with email marketing, deliverability, digital marketing, and privacy compliance.
Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.Read more >
This session will look at some of the recent changes in the regulatory landscape as well as what we can anticipate in the near future. We will try to discern any trends in these developments and discuss how a global company could respond.
Boris joined Accenture in April 2007 and is Responsible for data privacy compliance in the EALA (Europe Africa and Latin America) region. His duties include helping to establish and maintain a progressive Client Data Protection Programme, advising on client and vendor contracts, carrying out privacy impact assessments on new client offerings or new internal systems, managing a network of DPOs, liaising with regulators, promoting Accenture’s BCR application, anticipating regulatory changes and making sure the business stays compliant.
Before moving to Accenture, Boris spent three years at the UK regulator, the Information Commissioner, looking at the world through the eyes of the game keeper, where he advised on data privacy and freedom of information case work and liaised with other European regulators to kick start an unprecedented approvals process known as ‘Binding Corporate Rules’.
His other experience includes six years in private practice as a commercial lawyer specialising in Data Privacy matters and three years in Brussels including spells as press officer of a parliamentary group, an assistant to an MEP, a paralegal at Lovell White Durrant and a stagiaire at the Internal Market Directorate General of the European Commission.
Tuesday, June 26, 2018
8.00 am PST / 11.00 am EST / 4.00 pm BST / 5.00 pm CET
Duration: 30 minutes
The debate around ESG is one of the most compelling in the IR world at the moment: are governance teams at large institutional investors dictating a narrative that is unrepresentative of the broader investment community or are investors genuinely broadening their assessment of what they deem to be material for their investment process?
What is clear is that ESG is much more of a talking point on earnings calls and in other forums between investors and issuers, according to data from Intelligize. In this webinar we will explore how IR teams and corporate secretaries are working together to ensure that their company is well prepared for investor questions on ESG – whether they come from portfolio managers or governance teams.
•Moderator: Ben Ashwell, digital editor, IR Magazine
•David Burdziuk, director of IR, Suncor Energy
•Marc Butler, director of thought leadership, Intelligize
•Sally Curley, founder and CEO, Curley Global IR (CGIR)
Short, sharp and packed with expert insight, this webinar will get you up to speed on these critical issues in just 30 minutes. Sign up to BrightTALK to view this essential briefing and be informed of future webinars produced by IR Magazine and Corporate Secretary.
Holders of the NIRI IRC® credential can earn 1 professional development unit (PDU) per webinar. IRC-credentialed speakers may also earn PDUs. More information is available at www.niri.org/certification.
Digital Transformation is a trend and topic of conversation transcending technology and business professionals; but what is it, and where do you get started? Join Julia White, Corporate Vice President, as she discusses the principles of digital transformation and provides examples of how companies are embracing the potential for change and evolution today.Read more >
Join Bret Arsenault, Worldwide Corporate Vice President and Chief Information Security Officer, Microsoft for a technical deep dive into why security should be at the core of your digital transformation strategy.
Digital transformation presents a host of security challenges for the modern enterprise, from increasingly sophisticated external threats to the internal challenges of new technology adoption and changing business strategies. In this 30-minute presentation, Bret Arsenault, Microsoft CVP and CISO, will discuss how security is at the center of Microsoft’s digital transformation. Sharing the learnings and lessons gleaned from his unique role within Microsoft, from dealing with demanding executive leadership to keeping the enterprise secure in an ever-evolving landscape, Arsenault will touch on the security issues that need be top-of-mind for every C-level executive.
Corporate breaches continue to succeed because attackers can steal the legitimate identities of your employees and use those identities to attack your infrastructure. Far deadlier than malware based attacks, identity based attacks can go undetected for months or years because perpetrators impersonate the methods used by your various privileged accounts as if they were that user. Attackers have changed their methods from the now outdated malware based attacks to the evolved identity based attacks. Learn how analytics, deception, and data streams are saving the security industry, or would have at least saved the Democratic National Committee.
Robert Johnston, CISSP
Behavior Analytics, Active Defense, President & CEO Adlumin.com, Technology Entrepreneur
Previously Mr. Johnston worked in the private sector as a principal consultant at CrowdStrike, Inc as an incident response expert conducting engagements against nation state, criminal, and hacktivist organizations across a variety of industry sectors.
Previously Mr. Johnston served as an officer in the United States Marine Corps. As a Marine Officer he was the Team Lead of 81 National Cyber Protection Team, Cyber National Mission Force and the Director of the Marine Corps Red Team. He is an accomplished leader and technical expert within the cyber security community. Mr. Johnston is a 2008 United States Naval Academy graduate with a degree in Information Technology.
He has published multiple projects and articles in industry relevant magazines and peer reviewed journals. An avid speaker within the cyber security community (ISC)2 awarded him runner up for the best up-and-coming cyber security professional in North, Central, and South America and the winner of the 2015 Community Awareness Government Information Security Leadership Award. Mr. Johnston can be followed on Twitter at @dvgsecurity.