Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation for the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick-box activity; it requires continuous evaluation of data flows in and outside the company.
This webinar brings together Daniele Catteddu, Chief Technology Officer of the Cloud Security Alliance (CSA), and Istvan Lám, CEO of cloud encryption company Tresorit, to discuss the key learnings since the GDPR entered into force, with a focus on data breach prevention and mitigation.
The speakers will reflect, in particular, on the following aspects:
- Key learnings from data breach notifications & fines imposed so far
- Best practices for breach detection and reporting
- Challenges regarding the assessment of the severity of personal data breaches
- The most common types of data breaches and how to mitigate their impact
- Assessment of real-case data breaches, determination of what went wrong, and discussion on the implications for compliance with the GDPR going forward
As the GDPR enforcement anniversary arrives, we ask: "What lessons have been learned over the past year with regard to the effective protection of personal data?" and "What steps have organisations been taking to meet the requirements of the GDPR?" The past year has seen organisations continuing to undergo 'digital transformation' - increasing employee mobility and migrating their data to the cloud. How does digital transformation change an organisation's data protection requirements? And what steps should organisations take to ensure their regulatory requirements are met as their cloud adoption continues apace?
This webinar will cover the following:
- Maintaining a Record of Processing Activity in a cloud-first world
- Mapping data flows across multi-cloud environments
- Cloud Service Agreements and Data Processing Addendums best practice
Nimrod Vax, BigID Head of Product & Bill Reid, AWS Senior Manager, Leader, Security and Compliance Solution Architecture
New privacy regulations like GDPR and CCPA make finding and protecting personal information more critical than ever. This means being able to identify both PII and contextual PI by person at scale. This webinar, featuring BigID’s Head of Product and AWS's Leader of Security and Compliance Solution Architecture, will examine best practices for finding, protecting and automating PI/PII-centric privacy tasks at scale.
What You Will Learn:
- How to find PII/PI across AWS
- The difference between Protection and Privacy
- How to actualize privacy tasks like DSAR
- The role of ML in cloud-first privacy engineering
In this webinar, we will take a deep dive into managing the vendor lifecycle under the GDPR, California Privacy (CCPA), and other global regulations. As organizations continue to improve their privacy and security programs, streamlining third- and fourth-party vendor risk has become a priority. This includes everything from filling out vendor assessments like the CSA Consensus Assessments Initiative Questionnaire (CAIQ) and gaining sufficient guarantees from your vendors, to efficiently working with them during an audit or incident, and much more.
Together, the Cloud Security Alliance (CSA) and OneTrust launched a free Vendor Risk Management (VRM) tool to automate the vendor risk lifecycle for compliance with global privacy and security frameworks. Learn how to implement the CSA-OneTrust Vendor Risk Management (VRM) tool to create successful vendor risk processes, expedite vendor onboarding with built-in assessments, and hear practical advice on how to automate vendor risk within a software platform, all while meeting legal compliance obligations.
With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security policies and programs. Join Neil Thacker, CISO, EMEA at Netskope for a discussion of our recent study with the Cloud Security Alliance on how organizations have prepared for meeting the requirements of the GDPR and what has been the initial impact on their businesses.
Session topics will include:
· Preparation for the GDPR including budget and personnel
· Frameworks organizations are using to comply with the GDPR
· Company demographics, challenging articles and convergence of security, data protection and privacy roles
Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting
Many companies approach compliance activities with the forthcoming European General Data Protection Regulation (Regulation (EU) 2016/679) as a purely legal matter. But this is a very shortsighted approach. Compliance with the GDPR is becoming a necessary business requirement. Only companies that are able to reassure business partners and consumers regarding their alignment with the new EU Regulation will stay competitive in the digital market. Moreover, if performed in a strategic way, compliance with the GDPR enables businesses to process personal data in manifold ways and thus to extract meaningful information from them in order to better serve actual and future customers, as well as to improve efficiency.
During the webinar Prof. Dr. Paolo Balboni (Business Lawyer, Partner at ICT Legal Consulting) will present a strategic approach to GDPR compliance aimed at mitigating the legal risk and maximising the benefits of data processing activities.
Daniele Catteddu of CSA and Marina Segal of Dome9 Security
The General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. The requirements of GDPR are substantial and the penalties for non-compliance are severe. The new regulation will require companies across the globe to rethink how they store and handle customer data. Has your organization implemented the legal and technological controls required to comply?
In this webinar, Daniele Catteddu, CTO of the Cloud Security Alliance (CSA) and Marina Segal, Lead Compliance Product Manager at Dome9, will discuss key challenges and best practices to address GDPR requirements. The webinar will cover compliance automation solutions available to help organizations achieve GDPR compliance and meet the May deadline.
Topics we will cover:
- Code of Conduct & Certification for GDPR Compliance
- Where the most likely GDPR violations will occur
- The impact of running workloads in the public cloud on GDPR
- Best practices to simplify and speed up compliance
Nicola Franchetto will discuss, in a practical and business-oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.
As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total annual turnover.
Yael Nishry and Doug Lane from the Vaultive team have extensive backgrounds in risk management and enterprise security technologies. Join them for this event as they discuss what organizations should be doing to prepare for this new regulation.
During this webinar you'll learn:
· The key cloud data security takeaways from GDPR
· What steps can you take to mitigate risk and reduce the notifications required in the event of a data breach
· The challenges of data transfers under the new regulation and how to overcome them
· What is the role and expectation of your cloud provider when it comes to GDPR
· How your company can enforce best-practice segregation of duties between your data and the cloud service provider processing it
Learn all about GDPR. What is it? How should you prepare? What's the impact of the data protection officer on the enterprise? Hear from a variety of SMEs including regulators, privacy professionals, end-users, providers, and lawyers.
International Data Transfer
Neil Thacker, Netskope; Nathaly Rey, Google; Marc Lueck, Zscaler; Giuseppe Brizio, Qualys; Nick Gross, OneTrust
60 mins