After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Protecting customer privacy is usually closely aligned with security. However, when faced with national security threats, where do companies draw the line? In the example of social media companies that are trying to limit the reach of extremist videos and suspending extremist accounts, a problem can arise when such a system is used by an authoritarian regime to take down or identify individuals opposing it. The same tools, but used in a different context, become something other than what was intended. Join this talk as John Wunderlich, an information privacy and security expert, discusses why incorporating privacy into the design of such tools is key to protecting them from abuse by authoritarian regimes.Read more >
Recent legal debates about the encryption of mobile devices have elevated the topic of enterprise security and its implications on end-user privacy. For example, in the aftermath of the San Bernardino tragedy, we learned that enterprise-managed mobile devices can be remotely unlocked by the IT administrator.
To provide more insight on this complex topic, MobileIron is hosting a panel discussion with mobile security and privacy experts to share what CIOs need to know about mobile security and end-user privacy. Panelists will discuss the implications of the San Bernardino case and how this case helps illustrate best practices for balancing the need for enterprise security with respect for employee privacy.
Privacy vs. security, security vs. privacy… the debate is ongoing. Why can’t we have both? Good news: by leveraging the appropriate mix of policies, procedures and enabling technologies, it is possible to secure data AND control access to it in a way that ensures proper application of privacy policies.Read more >
Personal data of individuals – consumers and employees – is in constant motion across international borders. Nonetheless, existing privacy laws purport to prohibit organizations in many countries from transferring data to another jurisdiction in the absence of adherence to various legal frameworks or contractual mechanisms designed to enhance the protection of personal data.
Those legal frameworks suffered a blow last year when the European Court of Justice struck down the 15 year old Safe Harbor Framework. A year later, the EU-US Privacy Shield Framework has been approved as a replacement, and many companies have begun to certify, but the new Framework remains subject to potential legal challenge. Other European data transfer mechanisms – standard contractual clauses and Binding Corporate Rules – are also subject to legal challenge. And other jurisdictions around the globe in South America, Asia and elsewhere, are imposing restrictions on the transfer or personal data and in some cases even calling for data localization. Yet, data continues to flow in real-time.
What does it mean in the real world? What are the real risks for multinational data owners and for service providers that process data of such data controllers? This presentation will distinguish fact from fiction and provide practical tools for companies that are struggling (understandably) to wrap their virtual arms around the world.
Fino a poco tempo fa, le leggi europee riguardanti la protezione dei dati erano principalmente focalizzate sul consenso della persona, limitazione delle finalità e trasparenza nei trattamenti, etc. mentre gli aspetti inerenti la sicurezza delle informazioni erano considerati, in linea generale, questioni squisitamente tecniche più che di conformità legale.
Questo quadro ora cambia profondamente con l'entrata in vigore il 25 maggio 2016 del nuovo Regolamento Privacy Europeo (GDPR), e con la prossima direttiva europea sulla sicurezza delle reti e dei sistemi informativi (NIS Directive). Tra le nuove e importanti prescrizioni in tema di sicurezza del GDPR spicca in modo particolare quella della violazione dei dati personali, che richiede alle aziende di tutti i settori di effettuare in tali casi la comunicazione al Garante privacy entro 72 ore e, in particolari condizioni, anche la comunicazione senza indebito ritardo a tutte le persone interessate dalla violazione a meno che i dati non siano stati resi inintellegibili (per esempio per mezzo di crittografia). Inoltre la direttiva NIS, una volta recepita nei Paesi Membri della UE, richiederà tra l'altro agli Operatori dei Servizi Essenziali (Energia, Trasporti, Sanità, etc.) e agli Operatori di Servizi Digitali (e-commerce, motori di ricerca on line, Cloud Computing) di comunicare alle autorità competenti nazionali i casi di incidenti di sicurezza.
L’Unione Europea vuole che la conformità alle nuove normative in materia di protezione dei dati diventi una questione prioritaria e ha così prescritto che queste regole siano soggette a pesanti multe (sono previste sanzioni fino a 20 milioni di euro, e per le imprese fino a 4% del fatturato mondiale, se superiore).
Partecipa al webinar organizzato da Symbolic e Gemalto che si terrà il prossimo 15 giugno alle ore 11:00 per conoscere il quadro normativo applicabile e le misure da predisporre per una corretta gestione dei casi di violazioni dati.
The growth of state surveillance appears to be escalating dramatically. With the most recent Wikileaks Vault 7 revelations, it is clear that independent oversight is totally lacking and yet, much-needed if we ever hope to curb such unwarranted surveillance. Transparency relating to such activities is essential in order to hold governments accountable for their actions. The need for both global privacy and security - by design, is growing on a daily basis, and will be outlined in this presentation, in an effort to move things forward.
About the Presenter:
Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts. She is presently the Executive Director of Ryerson University’s Privacy and Big Data Institute. Dr. Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into design, thereby achieving the strongest protection possible. In 2010, International Privacy Regulators unanimously passed a Resolution recognizing Privacy by Design as an international standard. Since then, PbD has been translated into 39 languages. Dr. Cavoukian has received numerous awards recognizing her leadership in privacy, most recently as of the Top 100 Leaders in Identity (January, 2017).
Marketers are driven by data. That’s no secret, but as consumer attitudes shift about how data is collected, managed, and distributed, marketers need to be at the forefront of the data revolution. A recent study found that more Americans are more concerned about their online data privacy than they are about losing their primary source of income.
In this webinar, analytics industry veteran Adam Corey will walk through the changes in consumer sentiment, recent legislation, and technology shifts that affect how marketers work with data, as well as the six things every marketer should know as they build their marketing roadmaps.
Consumers are ambivalent about online privacy. Some surveys suggest outright hostility to mobile-location tracking; others argue users are happy to share personal information for clear rewards and benefits. Consumers also express a desire for greater personalization of online, mobile and shopping experiences. How can these contradictory positions be reconciled?
The privacy landscape is evolving rapidly with Apple making location privacy changes in iOS 8 and state governments getting involved in regulating privacy in the absence of federal action.
Rather than an “issue that will blow over,” privacy has become a central discussion for marketers and brands. It’s the flipside of “big data.” But timidity, passivity and denial won’t work. Stakeholders must proactively tackle the issue head on.
Join Greg Sterling, Senior Analyst with Opus Research, and Future of Privacy Forum founder Jules Polonetsky for an informative, interactive webinar about the latest developments in location and privacy on Wednesday, July 2, 10 am PDT /1 pm EDT.
With the advent of Big Data comes not only new ways to optimise business and marketing processes, but also new concerns over the control and privacy of personal data.
These have given rise to local and regional data protection laws and regulations such as the General Data Protection Regulation (GDPR), a modernisation of data protection laws in the European Union, and the Australian data breach notification law, an amendment to the Privacy Act 1988 (Cth) which introduces a mandatory scheme for eligible organisations and federal agencies to report data breaches.
Data breach notifications give individuals greater control over their personal data and promote transparency over information handling practices, fostering consumer trust in businesses. The law requires businesses to prepare and assess risks to maintain brand confidence even if an incident becomes the next data breach headline.
Join this webinar to learn about:
- New challenges introduced by the Australian mandatory data breach notification law
- Key steps in the journey towards data privacy compliance
- How to monitor insider threats
- How to leverage these regulations to gain trust and ensure great customer experiences
We look forward to your participation in this free webinar.
With Safe Harbor being invalidated and EU-US Privacy Shield and Swiss-US Privacy Shield yet to be tested, UK data privacy post Brexit an unknown, the General Data Protection Regulation coming into effect throughout the EU next year, and the Trump administration potentially poised to ride roughshod over EU surveillance concerns– the uncertainty surrounding the current regulatory environment will inevitably add complexity to the issue of data transfers, especially in the context of international investigations and disputes – and, by extension eDiscovery.
As regulatory investigations and related processes frequently span several years, strategic decisions made today around data transfers will have important ramifications down the line.
Do you know where your/your client’s data currently is hosted and if it is being held in accordance with the various and, at times, conflicting data privacy laws? If the answer is 'no', significant reputation and even financial implications could ensue.
This GIR Live webinar will break down the current data protection laws and set out some considerations and practical guidelines to minimize risk exposure for companies and professional services firms dealing with cross-border investigations and litigation.
In the GIR Live style, the webinar will aim to be highly conversational and will include time for a question and answer session with the presenters.
Issues to be addressed include:
• Data privacy and adequate protection
• What you can do now to remain compliant
• How to manage conflicts of law in a global investigation with practical tips from real life case studies
This session will look at some of the recent changes in the regulatory landscape as well as what we can anticipate in the near future. We will try to discern any trends in these developments and discuss how a global company could respond.
Boris joined Accenture in April 2007 and is Responsible for data privacy compliance in the EALA (Europe Africa and Latin America) region. His duties include helping to establish and maintain a progressive Client Data Protection Programme, advising on client and vendor contracts, carrying out privacy impact assessments on new client offerings or new internal systems, managing a network of DPOs, liaising with regulators, promoting Accenture’s BCR application, anticipating regulatory changes and making sure the business stays compliant.
Before moving to Accenture, Boris spent three years at the UK regulator, the Information Commissioner, looking at the world through the eyes of the game keeper, where he advised on data privacy and freedom of information case work and liaised with other European regulators to kick start an unprecedented approvals process known as ‘Binding Corporate Rules’.
His other experience includes six years in private practice as a commercial lawyer specialising in Data Privacy matters and three years in Brussels including spells as press officer of a parliamentary group, an assistant to an MEP, a paralegal at Lovell White Durrant and a stagiaire at the Internal Market Directorate General of the European Commission.
Proposed new privacy regulations in Europe threaten harsh fines for mismanaging digital customer data across international borders. Many believe it is only a matter of time before these type of strict regulations come to the U.S. What can global brands do to protect themselves and stay ahead of the game? Attend this session to learn what Dell is doing to navigate global legislation, protect consumers, and provide a safe and secure online consumer experience. In this session, you will learn how privacy laws are evolving, and what the key considerations are for implementing an effective online privacy framework.Read more >
Data is the lifeblood of customer marketing, helping global organizations drive better results across the customer lifecycle, from acquisition to retention. Most marketers today would consider themselves data-driven marketers, especially in the age of personalization. But is this approach in danger thanks to the looming "privacy apocalypse,” made possible by a convergence of several trends? Watch this recording featuring experts from Forrester Research and Ensighten on what senior marketers can do to stay ahead of the privacy game, while continuing to drive growth in a way that respects data privacy and security.Read more >
This webcast will consist of a short presentation followed by a panel discussion with a range of subject matter experts.
New EU data protection legislation includes some significant changes like defining a data breach to include data destruction, adding the right to be forgotten, adopting the U.S. practice of breach notifications, and many other new elements. Another major change is a shift from a directive to a rule, which means the protections are the same for all 27 countries and includes significant financial penalties for infractions. This webcast will explore the new EU data protection legislation and highlight the elements that could have significant impacts on data handling practices.
Learn how the EU General Data Protection Regulations affect US based companies.
Join CyberDefenses and Privacy Ref's Bob Siegel to review how the GDPR directly impacts US based corporations. These far-reaching regulations impact any company that stores or transmits identifying information of any individual within the EU.
In this webinar, you will be introduced to the basic elements of the GDPR and you will discuss the requirements that require action for US focused companies.
About Bob Siegel:
President and founder of Privacy Ref, Inc., Bob Siegel, started the company in 2012. After his time as Senior Manager of Worldwide Privacy and Compliance at Staples, Inc., Bob applied his experience and expertise to assisting companies implement and maintain strong privacy programs. Bob has worked with many different organizations, dealing with programs of all sizes and regulatory needs.
Always seeking to improve his own understanding of all things privacy, Bob has earned certifications from the International Association of Privacy Professionals. These include certifications in US private and public sector, European, and Canadian privacy laws. Bob has also earned certifications in Information Technology Privacy and Privacy Program Management. Bob Siegel has also been recognized as a Fellow of Information Privacy by the IAPP for his outstanding dedication to the privacy community. He has also served on the IAPP's Certification Advisory Board for the CIPM program and the IAPP's Publication Advisory Board. Bob also serves on the IAPP’s teaching faculty leading classes in the areas in which he is certified.
CyberDefenses is a premiere cyber security services organization, providing advanced security services to the commercial and federal sectors. CyberDefenses Academy provides advanced training the IT, security and privacy professionals that wish to be at the top of their field.
Following the success of the one-day Secure Events and Security Congress in EMEA, (ISC)² is bringing its acclaimed conferences to a new level. 2017 will feature five two-day regional events to serve the entire (ISC)² EMEA professional community and enable delegates to drive the thinking around the issues and concerns professionals are facing today.
(ISC)² Secure Summits brings multi-subject sessions from hands on practical workshops to keynotes and panel discussions featuring local and international industry experts to maximize the learning experience and CPE opportunity. Our summits offer a wealth of educational value, networking opportunities, and a community forum for likeminded professionals, all of which are FREE to (ISC)² members & (ISC)² Chapter members.Following the success of the one-day Secure Events and Security Congress in EMEA, (ISC)² is bringing its acclaimed conferences to a new level. 2017 will feature five two-day regional events to serve the entire (ISC)² EMEA professional community and enable delegates to drive the thinking around the issues and concerns professionals are facing today.
(ISC)² Secure Summits brings multi-subject sessions from hands on practical workshops to keynotes and panel discussions featuring local and international industry experts to maximize the learning experience and CPE opportunity. Our summits offer a wealth of educational value, networking opportunities, and a community forum for likeminded professionals, all of which are FREE to (ISC)² members & (ISC)² Chapter members.