After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Protecting customer privacy is usually closely aligned with security. However, when faced with national security threats, where do companies draw the line? In the example of social media companies that are trying to limit the reach of extremist videos and suspending extremist accounts, a problem can arise when such a system is used by an authoritarian regime to take down or identify individuals opposing it. The same tools, but used in a different context, become something other than what was intended. Join this talk as John Wunderlich, an information privacy and security expert, discusses why incorporating privacy into the design of such tools is key to protecting them from abuse by authoritarian regimes.Read more >
Privacy vs. security, security vs. privacy… the debate is ongoing. Why can’t we have both? Good news: by leveraging the appropriate mix of policies, procedures and enabling technologies, it is possible to secure data AND control access to it in a way that ensures proper application of privacy policies.Read more >
Recent legal debates about the encryption of mobile devices have elevated the topic of enterprise security and its implications on end-user privacy. For example, in the aftermath of the San Bernardino tragedy, we learned that enterprise-managed mobile devices can be remotely unlocked by the IT administrator.
To provide more insight on this complex topic, MobileIron is hosting a panel discussion with mobile security and privacy experts to share what CIOs need to know about mobile security and end-user privacy. Panelists will discuss the implications of the San Bernardino case and how this case helps illustrate best practices for balancing the need for enterprise security with respect for employee privacy.
Personal data of individuals – consumers and employees – is in constant motion across international borders. Nonetheless, existing privacy laws purport to prohibit organizations in many countries from transferring data to another jurisdiction in the absence of adherence to various legal frameworks or contractual mechanisms designed to enhance the protection of personal data.
Those legal frameworks suffered a blow last year when the European Court of Justice struck down the 15 year old Safe Harbor Framework. A year later, the EU-US Privacy Shield Framework has been approved as a replacement, and many companies have begun to certify, but the new Framework remains subject to potential legal challenge. Other European data transfer mechanisms – standard contractual clauses and Binding Corporate Rules – are also subject to legal challenge. And other jurisdictions around the globe in South America, Asia and elsewhere, are imposing restrictions on the transfer or personal data and in some cases even calling for data localization. Yet, data continues to flow in real-time.
What does it mean in the real world? What are the real risks for multinational data owners and for service providers that process data of such data controllers? This presentation will distinguish fact from fiction and provide practical tools for companies that are struggling (understandably) to wrap their virtual arms around the world.
Fino a poco tempo fa, le leggi europee riguardanti la protezione dei dati erano principalmente focalizzate sul consenso della persona, limitazione delle finalità e trasparenza nei trattamenti, etc. mentre gli aspetti inerenti la sicurezza delle informazioni erano considerati, in linea generale, questioni squisitamente tecniche più che di conformità legale.
Questo quadro ora cambia profondamente con l'entrata in vigore il 25 maggio 2016 del nuovo Regolamento Privacy Europeo (GDPR), e con la prossima direttiva europea sulla sicurezza delle reti e dei sistemi informativi (NIS Directive). Tra le nuove e importanti prescrizioni in tema di sicurezza del GDPR spicca in modo particolare quella della violazione dei dati personali, che richiede alle aziende di tutti i settori di effettuare in tali casi la comunicazione al Garante privacy entro 72 ore e, in particolari condizioni, anche la comunicazione senza indebito ritardo a tutte le persone interessate dalla violazione a meno che i dati non siano stati resi inintellegibili (per esempio per mezzo di crittografia). Inoltre la direttiva NIS, una volta recepita nei Paesi Membri della UE, richiederà tra l'altro agli Operatori dei Servizi Essenziali (Energia, Trasporti, Sanità, etc.) e agli Operatori di Servizi Digitali (e-commerce, motori di ricerca on line, Cloud Computing) di comunicare alle autorità competenti nazionali i casi di incidenti di sicurezza.
L’Unione Europea vuole che la conformità alle nuove normative in materia di protezione dei dati diventi una questione prioritaria e ha così prescritto che queste regole siano soggette a pesanti multe (sono previste sanzioni fino a 20 milioni di euro, e per le imprese fino a 4% del fatturato mondiale, se superiore).
Partecipa al webinar organizzato da Symbolic e Gemalto che si terrà il prossimo 15 giugno alle ore 11:00 per conoscere il quadro normativo applicabile e le misure da predisporre per una corretta gestione dei casi di violazioni dati.
Consumers are ambivalent about online privacy. Some surveys suggest outright hostility to mobile-location tracking; others argue users are happy to share personal information for clear rewards and benefits. Consumers also express a desire for greater personalization of online, mobile and shopping experiences. How can these contradictory positions be reconciled?
The privacy landscape is evolving rapidly with Apple making location privacy changes in iOS 8 and state governments getting involved in regulating privacy in the absence of federal action.
Rather than an “issue that will blow over,” privacy has become a central discussion for marketers and brands. It’s the flipside of “big data.” But timidity, passivity and denial won’t work. Stakeholders must proactively tackle the issue head on.
Join Greg Sterling, Senior Analyst with Opus Research, and Future of Privacy Forum founder Jules Polonetsky for an informative, interactive webinar about the latest developments in location and privacy on Wednesday, July 2, 10 am PDT /1 pm EDT.
This session will look at some of the recent changes in the regulatory landscape as well as what we can anticipate in the near future. We will try to discern any trends in these developments and discuss how a global company could respond.
Boris joined Accenture in April 2007 and is Responsible for data privacy compliance in the EALA (Europe Africa and Latin America) region. His duties include helping to establish and maintain a progressive Client Data Protection Programme, advising on client and vendor contracts, carrying out privacy impact assessments on new client offerings or new internal systems, managing a network of DPOs, liaising with regulators, promoting Accenture’s BCR application, anticipating regulatory changes and making sure the business stays compliant.
Before moving to Accenture, Boris spent three years at the UK regulator, the Information Commissioner, looking at the world through the eyes of the game keeper, where he advised on data privacy and freedom of information case work and liaised with other European regulators to kick start an unprecedented approvals process known as ‘Binding Corporate Rules’.
His other experience includes six years in private practice as a commercial lawyer specialising in Data Privacy matters and three years in Brussels including spells as press officer of a parliamentary group, an assistant to an MEP, a paralegal at Lovell White Durrant and a stagiaire at the Internal Market Directorate General of the European Commission.
Proposed new privacy regulations in Europe threaten harsh fines for mismanaging digital customer data across international borders. Many believe it is only a matter of time before these type of strict regulations come to the U.S. What can global brands do to protect themselves and stay ahead of the game? Attend this session to learn what Dell is doing to navigate global legislation, protect consumers, and provide a safe and secure online consumer experience. In this session, you will learn how privacy laws are evolving, and what the key considerations are for implementing an effective online privacy framework.Read more >
Data is the lifeblood of customer marketing, helping global organizations drive better results across the customer lifecycle, from acquisition to retention. Most marketers today would consider themselves data-driven marketers, especially in the age of personalization. But is this approach in danger thanks to the looming "privacy apocalypse,” made possible by a convergence of several trends? Watch this recording featuring experts from Forrester Research and Ensighten on what senior marketers can do to stay ahead of the privacy game, while continuing to drive growth in a way that respects data privacy and security.Read more >
This webcast will consist of a short presentation followed by a panel discussion with a range of subject matter experts.
New EU data protection legislation includes some significant changes like defining a data breach to include data destruction, adding the right to be forgotten, adopting the U.S. practice of breach notifications, and many other new elements. Another major change is a shift from a directive to a rule, which means the protections are the same for all 27 countries and includes significant financial penalties for infractions. This webcast will explore the new EU data protection legislation and highlight the elements that could have significant impacts on data handling practices.
Recent controversies such as Apple vs FBI have highlighted that often strong security is a prerequisite for privacy, and that upholding privacy can ensure stronger security is built into software. As consumers become more aware of privacy issues, can the argument still be made that security must be sacrificed in place of privacy? How do new technologies confirm or deny this notion?Read more >
Germany and France have “Declared War” on encryption in the name of national security and fighting terrorism at the same time that Apple and Microsoft have increased their encryption to ensure privacy. The twin concepts of Privacy and Security seem to be at odds with each other with governments primarily pushing for less personal privacy to provide greater national security while private corporations are pushing for more personal privacy claiming that personal privacy has little to no effect on national security or the fight against terrorism. How can both be right/wrong? How is it trending? Join us for a look at where we are now, how we got here, why most people are asking the wrong questions, and how the outcome of this battle will affect individuals, corporations, and countries alike.Read more >
The jury is still out on whether Edward Snowden was a hero, traitor, or schmuck. Regardless of the scarlet letter we want to hang around his neck, we should thank him for helping bring the discussion of big data privacy and security to the public square. It’s not just for the privacy freaks and security geeks in the back room anymore. In this session, we’ll take a look at these issues in context of the six-stage (big) data lifecycle: create, store, use, share, archive, and destroy. We each have a role to play in this privacy/security theater. What’s yours going to be?Read more >
Are government encryption backdoors and privacy in such a fundamental conflict that one necessarily obliterates the other. We will also be examining this issue in the context of the big data era - is law enforcement really going dark or is right now the golden age of surveillance?Read more >
The web browser is arguably the most utilized software on any given endpoint. The browser has evolved into a feature-rich tool used to consume & create content of all kinds, conduct financial transactions, access sensitive health care information -- you name an application and data type and someone has a browser based solution.
Browsers are also the least managed software in the enterprise. Most IT shops have abdicated control of the browser. Bolt-on browser security solutions, like proxies and application firewalls, rest on the enterprise perimeter and, in our mobile BYOD world, ultimately still leave the endpoint, the user, and the user's data exposed.
There is a natural tension between the browser, enterprise IT security, and privacy. The browser exposes the user and the user's data to both security and privacy risks. Security and privacy objectives may overlap; but, they are just as often at odds. For example, most enterprises conduct content inspection and blocking of user browsing activity; few enterprises encourage or allow a user to take advantage of TOR and other anonymization and privacy technologies. Meanwhile, enterprise and user confidential data is the treasure that bad guys are hunting.
Why is Privacy Important? Why is Security Important? Can We have Both?
Some of the topics covered in this panel discussion include:
• Personal responsibility
• The roll of government
• Online Advertising/Tracking
• Law Enforcement
• Location-based tracking
• Bob Carver, Cybersecurity Guru at Verizon Wireless
• Dr. Ann Cavoukian, International Privacy Expert, Professor - Ryerson University - Toronto
• Scott Schober, Cybersecurity Expert and Author of "Hacked Again"
• Dan Lohrmann, Chief Strategist & Chief Security Officer at Security Mentor, Inc.