After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Protecting customer privacy is usually closely aligned with security. However, when faced with national security threats, where do companies draw the line? In the example of social media companies that are trying to limit the reach of extremist videos and suspending extremist accounts, a problem can arise when such a system is used by an authoritarian regime to take down or identify individuals opposing it. The same tools, but used in a different context, become something other than what was intended. Join this talk as John Wunderlich, an information privacy and security expert, discusses why incorporating privacy into the design of such tools is key to protecting them from abuse by authoritarian regimes.Read more >
Privacy vs. security, security vs. privacy… the debate is ongoing. Why can’t we have both? Good news: by leveraging the appropriate mix of policies, procedures and enabling technologies, it is possible to secure data AND control access to it in a way that ensures proper application of privacy policies.Read more >
Recent legal debates about the encryption of mobile devices have elevated the topic of enterprise security and its implications on end-user privacy. For example, in the aftermath of the San Bernardino tragedy, we learned that enterprise-managed mobile devices can be remotely unlocked by the IT administrator.
To provide more insight on this complex topic, MobileIron is hosting a panel discussion with mobile security and privacy experts to share what CIOs need to know about mobile security and end-user privacy. Panelists will discuss the implications of the San Bernardino case and how this case helps illustrate best practices for balancing the need for enterprise security with respect for employee privacy.
Personal data of individuals – consumers and employees – is in constant motion across international borders. Nonetheless, existing privacy laws purport to prohibit organizations in many countries from transferring data to another jurisdiction in the absence of adherence to various legal frameworks or contractual mechanisms designed to enhance the protection of personal data.
Those legal frameworks suffered a blow last year when the European Court of Justice struck down the 15 year old Safe Harbor Framework. A year later, the EU-US Privacy Shield Framework has been approved as a replacement, and many companies have begun to certify, but the new Framework remains subject to potential legal challenge. Other European data transfer mechanisms – standard contractual clauses and Binding Corporate Rules – are also subject to legal challenge. And other jurisdictions around the globe in South America, Asia and elsewhere, are imposing restrictions on the transfer or personal data and in some cases even calling for data localization. Yet, data continues to flow in real-time.
What does it mean in the real world? What are the real risks for multinational data owners and for service providers that process data of such data controllers? This presentation will distinguish fact from fiction and provide practical tools for companies that are struggling (understandably) to wrap their virtual arms around the world.
Fino a poco tempo fa, le leggi europee riguardanti la protezione dei dati erano principalmente focalizzate sul consenso della persona, limitazione delle finalità e trasparenza nei trattamenti, etc. mentre gli aspetti inerenti la sicurezza delle informazioni erano considerati, in linea generale, questioni squisitamente tecniche più che di conformità legale.
Questo quadro ora cambia profondamente con l'entrata in vigore il 25 maggio 2016 del nuovo Regolamento Privacy Europeo (GDPR), e con la prossima direttiva europea sulla sicurezza delle reti e dei sistemi informativi (NIS Directive). Tra le nuove e importanti prescrizioni in tema di sicurezza del GDPR spicca in modo particolare quella della violazione dei dati personali, che richiede alle aziende di tutti i settori di effettuare in tali casi la comunicazione al Garante privacy entro 72 ore e, in particolari condizioni, anche la comunicazione senza indebito ritardo a tutte le persone interessate dalla violazione a meno che i dati non siano stati resi inintellegibili (per esempio per mezzo di crittografia). Inoltre la direttiva NIS, una volta recepita nei Paesi Membri della UE, richiederà tra l'altro agli Operatori dei Servizi Essenziali (Energia, Trasporti, Sanità, etc.) e agli Operatori di Servizi Digitali (e-commerce, motori di ricerca on line, Cloud Computing) di comunicare alle autorità competenti nazionali i casi di incidenti di sicurezza.
L’Unione Europea vuole che la conformità alle nuove normative in materia di protezione dei dati diventi una questione prioritaria e ha così prescritto che queste regole siano soggette a pesanti multe (sono previste sanzioni fino a 20 milioni di euro, e per le imprese fino a 4% del fatturato mondiale, se superiore).
Partecipa al webinar organizzato da Symbolic e Gemalto che si terrà il prossimo 15 giugno alle ore 11:00 per conoscere il quadro normativo applicabile e le misure da predisporre per una corretta gestione dei casi di violazioni dati.
The growth of state surveillance appears to be escalating dramatically. With the most recent Wikileaks Vault 7 revelations, it is clear that independent oversight is totally lacking and yet, much-needed if we ever hope to curb such unwarranted surveillance. Transparency relating to such activities is essential in order to hold governments accountable for their actions. The need for both global privacy and security - by design, is growing on a daily basis, and will be outlined in this presentation, in an effort to move things forward.
About the Presenter:
Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. She is presently the Executive Director of Ryerson University’s Privacy and Big Data Institute. Dr. Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into design, thereby achieving the strongest protection possible. In 2010, International Privacy Regulators unanimously passed a Resolution recognizing Privacy by Design as an international standard. Since then, PbD has been translated into 39 languages. Dr. Cavoukian has received numerous awards recognizing her leadership in privacy, most recently as of the Top 100 Leaders in Identity (January, 2017).
Consumers are ambivalent about online privacy. Some surveys suggest outright hostility to mobile-location tracking; others argue users are happy to share personal information for clear rewards and benefits. Consumers also express a desire for greater personalization of online, mobile and shopping experiences. How can these contradictory positions be reconciled?
The privacy landscape is evolving rapidly with Apple making location privacy changes in iOS 8 and state governments getting involved in regulating privacy in the absence of federal action.
Rather than an “issue that will blow over,” privacy has become a central discussion for marketers and brands. It’s the flipside of “big data.” But timidity, passivity and denial won’t work. Stakeholders must proactively tackle the issue head on.
Join Greg Sterling, Senior Analyst with Opus Research, and Future of Privacy Forum founder Jules Polonetsky for an informative, interactive webinar about the latest developments in location and privacy on Wednesday, July 2, 10 am PDT /1 pm EDT.
With Safe Harbor being invalidated and EU-US Privacy Shield and Swiss-US Privacy Shield yet to be tested, UK data privacy post Brexit an unknown, the General Data Protection Regulation coming into effect throughout the EU next year, and the Trump administration potentially poised to ride roughshod over EU surveillance concerns– the uncertainty surrounding the current regulatory environment will inevitably add complexity to the issue of data transfers, especially in the context of international investigations and disputes – and, by extension eDiscovery.
As regulatory investigations and related processes frequently span several years, strategic decisions made today around data transfers will have important ramifications down the line.
Do you know where your/your client’s data currently is hosted and if it is being held in accordance with the various and, at times, conflicting data privacy laws? If the answer is 'no', significant reputation and even financial implications could ensue.
This GIR Live webinar will break down the current data protection laws and set out some considerations and practical guidelines to minimize risk exposure for companies and professional services firms dealing with cross-border investigations and litigation.
In the GIR Live style, the webinar will aim to be highly conversational and will include time for a question and answer session with the presenters.
Issues to be addressed include:
• Data privacy and adequate protection
• What you can do now to remain compliant
• How to manage conflicts of law in a global investigation with practical tips from real life case studies
Marketers are driven by data. That’s no secret, but as consumer attitudes shift about how data is collected, managed, and distributed, marketers need to be at the forefront of the data revolution. A recent study found that more Americans are more concerned about their online data privacy than they are about losing their primary source of income.
In this webinar, analytics industry veteran Adam Corey will walk through the changes in consumer sentiment, recent legislation, and technology shifts that affect how marketers work with data, as well as the six things every marketer should know as they build their marketing roadmaps.
This session will look at some of the recent changes in the regulatory landscape as well as what we can anticipate in the near future. We will try to discern any trends in these developments and discuss how a global company could respond.
Boris joined Accenture in April 2007 and is Responsible for data privacy compliance in the EALA (Europe Africa and Latin America) region. His duties include helping to establish and maintain a progressive Client Data Protection Programme, advising on client and vendor contracts, carrying out privacy impact assessments on new client offerings or new internal systems, managing a network of DPOs, liaising with regulators, promoting Accenture’s BCR application, anticipating regulatory changes and making sure the business stays compliant.
Before moving to Accenture, Boris spent three years at the UK regulator, the Information Commissioner, looking at the world through the eyes of the game keeper, where he advised on data privacy and freedom of information case work and liaised with other European regulators to kick start an unprecedented approvals process known as ‘Binding Corporate Rules’.
His other experience includes six years in private practice as a commercial lawyer specialising in Data Privacy matters and three years in Brussels including spells as press officer of a parliamentary group, an assistant to an MEP, a paralegal at Lovell White Durrant and a stagiaire at the Internal Market Directorate General of the European Commission.
Proposed new privacy regulations in Europe threaten harsh fines for mismanaging digital customer data across international borders. Many believe it is only a matter of time before these type of strict regulations come to the U.S. What can global brands do to protect themselves and stay ahead of the game? Attend this session to learn what Dell is doing to navigate global legislation, protect consumers, and provide a safe and secure online consumer experience. In this session, you will learn how privacy laws are evolving, and what the key considerations are for implementing an effective online privacy framework.Read more >
Data is the lifeblood of customer marketing, helping global organizations drive better results across the customer lifecycle, from acquisition to retention. Most marketers today would consider themselves data-driven marketers, especially in the age of personalization. But is this approach in danger thanks to the looming "privacy apocalypse,” made possible by a convergence of several trends? Watch this recording featuring experts from Forrester Research and Ensighten on what senior marketers can do to stay ahead of the privacy game, while continuing to drive growth in a way that respects data privacy and security.Read more >
This webcast will consist of a short presentation followed by a panel discussion with a range of subject matter experts.
New EU data protection legislation includes some significant changes like defining a data breach to include data destruction, adding the right to be forgotten, adopting the U.S. practice of breach notifications, and many other new elements. Another major change is a shift from a directive to a rule, which means the protections are the same for all 27 countries and includes significant financial penalties for infractions. This webcast will explore the new EU data protection legislation and highlight the elements that could have significant impacts on data handling practices.
The new technologies are enabling organisations to capture a wealth of personal data and analysis of their behaviour to optimise their services and disrupt traditional business models, but all this means that personal privacy advocates and the regulators are playing catch up with the new EU General Data Protection Regulations (GDPR).
The webinar discusses the data privacy concerns raised due to the pervasive nature of technologies & platforms, the principles used by GDPR to protect an individual's privacy, capabilities that organisations need to consider to protect data. The webinar takes a technology agnostic view by using a capability view and their relation to some of the common frameworks used to design and implement data security.
- Speaker bio -
Sri works with business leaders in setting business goals and achieving them. Sri focuses on leveraging latest technologies to build strategic capabilities through tailored frameworks for their creation, transition and operation. Sri brings together his deep experience in building strategies and solutions for managing data and information in a wide range of industry domains while complying with diverse regulatory regimes using tailored, business aligned, fit-for-purpose solutions for clients.
With a range of qualifications in Information Risk, Audit, Security and Governance, Sri is a board member of ISACA London Chapter. Sri offers a range of management consultancy services for strategic business transformations including training and compliance services related to EU GDPR.
No matter how you feel about Edward Snowden, we could probably all agree that he played a significant role in bringing the privacy and security discussion to the Town Square. His actions have triggered a lot of discussions—within the U.S. government and outside, most notably with the tech industry and its citizens. But has anything changed? And how are things changing now that the United States is under a new administration?
Join Tamara Dull in this webcast as she highlights key events since Snowden’s revelations, where we’re at today, and what’s on the horizon as we move forward with the Trump administration.
About the Presenter:
Tamara Dull is the Director of Emerging Technologies for SAS Best Practices, a thought leadership team at SAS Institute. Through key industry engagements, and provocative articles and publications, she delivers a pragmatic perspective on big data, the Internet of Things, open source, privacy, and cybersecurity. Tamara began her high-tech journey long before the internet was born, and has held both technical and management positions for multiple technology vendors and consultancies, and a non-profit. She is listed in the IoT Institute's "25 Most Influential Women in IoT," as well as the "Big Data 2016: Top 100 Influencers and Brands" and "Top 100 Big Data Experts to Follow in 2016" lists.