Hi [[ session.user.profile.firstName ]]

Managing cloud data breaches in a GDPR world

Since the GDPR came into effect in 2018, organisations are required "without undue delay and, where feasible, not later than 72 hours after becoming aware of it, notify the personal data breach to the supervisory authority". Reacting in such a short time frame calls for a robust response plan, particularly in a cloud environment. This talk will give an overview of the challenges of meeting the requirements of the GDPR while at the same time providing insights into how organisations can ensure they respond effectively and efficiently.
Recorded Apr 15 2021 30 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brian Honan, BH Consulting
Presentation preview: Managing cloud data breaches in a GDPR world

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Managing cloud data breaches in a GDPR world Recorded: Apr 15 2021 30 mins
    Brian Honan, BH Consulting
    Since the GDPR came into effect in 2018, organisations are required "without undue delay and, where feasible, not later than 72 hours after becoming aware of it, notify the personal data breach to the supervisory authority". Reacting in such a short time frame calls for a robust response plan, particularly in a cloud environment. This talk will give an overview of the challenges of meeting the requirements of the GDPR while at the same time providing insights into how organisations can ensure they respond effectively and efficiently.
  • Navigating International Data Transfers in the Cloud Recorded: Apr 15 2021 61 mins
    Nathaly Rey (Google), Marc Lueck (Zscaler), Neil Thacker (Netskope), Linda Thielova (OneTrust), Giuseppe Brizio (Qualys)
    The Schrems II decision presents challenges for companies and practitioners when it comes to managing International Data Transfers. There are many questions and answers from regulators, governments, lawyers and others. The consultation of the European Data Protection Board Recommendations on Additional Safeguards and the European Commission's draft on new Standard Contractual Clauses generated even more questions and answers. The final version of EDPB’s Recommendations are about to come. What can we do in the meantime? Learn from Privacy Experts how to bring this into practical reality.
    Is there a way out of the jungle to check on a case-by-case basis before transferring data overseas?
    What is operational and technically feasible?
  • GDPR: Data breach prevention & mitigation - Lessons learned in the past year Recorded: May 28 2019 61 mins
    Istvan Lám, CEO, Tresorit & Daniele Catteddu, CTO, Cloud Security Alliance
    Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick box activity, it requires continuous evaluation of data flows in and outside the company.

    This webinar brings together Daniele Catteddu, Chief Technology Officer of the Cloud Security Alliance (CSA) and Istvan Lám, CEO of Cloud encryption company, Tresorit to discuss the key learnings since the GDPR entered into force with focus on data breach prevention and mitigation.

    The speakers will reflect, in particular, on the following aspects:
    - Key learnings from data breach notifications & fines imposed so far
    - Best practices for breach detection and reporting
    - Challenges regarding the assessment of the severity of personal data breaches
    - The most common types of data breaches and how to mitigate their impact
    - Assessment of real-case data breaches, determination of what went wrong, and discussion on the implications for compliance with the GDPR going forward
  • Protecting personal data in the cloud:lessons learned after 12 months of GDPR Recorded: May 20 2019 62 mins
    Neil Thacker, EMEA CISO, Netskope
    As the GDPR enforcement anniversary arrives, we ask: "What lessons have been learned over the past year with regard to the effective protection of personal data?" and "What steps have organisations been taking to meet the requirements of the GDPR?". The past year has seen organisations continuing to undergo 'digital transformation' - increasing employee mobility and migrating their data to the cloud. How does digital transformation change an organisation's data protection requirements? And what steps should organisations take to ensure their regulatory requirements are met as their cloud adoption continues apace?

    This webinar will cover the following:
    - Maintaining a Record of Processing Activity in a cloud-first world
    - Mapping data flows across multi-cloud environments
    - Cloud Service Agreements and Data Processing Addendums best practice
  • Protection & Privacy in the Cloud: Operationalizing Privacy in AWS Environments Recorded: Mar 14 2019 54 mins
    Nimrod Vax, BigID Head of Product & Bill Reid, AWS Senior Manager, Leader, Security and Compliance Solution Architecture
    New privacy regulations like GDPR and CCPA make finding and protecting personal information more critical than ever. This means being able to identify both PII and contextual PI by person at scale. This Webinar featuring BigID’s Head of Product and AWS's Leader of Security and Compliance Solution Architecture will examine best practices for finding, protecting and automating PI/PII-centric privacy tasks at scale.

    What You Will Learn:
    - How to find PII/PI across AWS
    - The difference between Protection and Privacy
    - How to actualize privacy tasks like DSAR
    - The role of ML in cloud-first privacy engineering
  • Vendor Risk Management from the GDPR to California Privacy (CCPA) Recorded: Jan 10 2019 55 mins
    Blake Brannon, VP of Products, OneTrust
    In this webinar, we will deep dive into managing the vendor lifecycle under the GDPR, California Privacy (CCPA), and other global regulations. As organizations continue to improve their privacy and security programs, streamlining third-and fourth-party vendor risk has become a priority. This includes everything from filling out vendor assessments like the CSA Consensus Assessments Initiative Questionnaire (CAIQ), gaining sufficient guarantees from your vendors, to efficiently working with them during an audit or incident and much more.

    Together, the Cloud Security Alliance (CSA) and OneTrust launched a free Vendor Risk Management (VRM) tool to automate the vendor risk lifecycle for compliance with global privacy and security frameworks. Learn how to implement CSA-OneTrust Vendor Risk Management (VRM) tool to create successful vendor risk processes, expedite vendor onboarding with built in assessments, and hear practical advice on how to automate vendor risk within a software platform, all while meeting legal compliance obligations.
  • A GDPR Compliance & Preparation Report Card Recorded: Jun 27 2018 51 mins
    Neil Thacker, CISO, EMEA -- Netskope
    With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security policies and programs. Join Neil Thacker, CISO, EMEA at Netskope for a discussion of our recent study with the Cloud Security Alliance on how organizations have prepared for meeting the requirements of the GDPR and what has been the initial impact on their businesses.

    Session topics will include:
    · Preparation for the GDPR including budget and personnel
    · Frameworks organizations are using to comply with the GDPR
    · Company demographics, challenging articles and convergence of security, data protection and privacy roles
  • GDPR: Personal Data Protection Compliance is a Business Matter Recorded: May 22 2018 59 mins
    Prof. Dr. Paolo Balboni, Business Lawyer and Partner at ICT Legal Consulting
    Many companies approach compliance activities with the forthcoming European General Data Protection Regulation REGULATION (EU) 2016/679 as a purely legal matter. But this is a very shortsighted approach. Compliance with the GDPR is becoming a necessary business requirement. Only companies that will be able to reassure business partners and consumers regarding their alignment to the new EU Regulation will stay competitive in the digital market. Moreover, if performed in a strategic way, compliance with the GDPR enables businesses to process personal data in manifold ways and thus to extract meaningful information from them in order to better serve actual and future customers, as well as to improve efficiency.

    During the webinar Prof. Dr. Paolo Balboni (Business Lawyer, Partner at ICT Legal Consulting) will present a strategic approach to GDPR compliance aimed at mitigating the legal risk and maximising the benefits of data processing activities.
  • The Road to GDPR Compliance: Tips from the Cloud Security Alliance and Dome9 Recorded: May 3 2018 57 mins
    Daniele Catteddu of CSA and Marina Segal of Dome9 Security
    General Data Protection Regulation (GDPR) is coming into effect on May 25, 2018. The requirements of GDPR are substantial and the penalties for non-compliance are severe. The new regulation will require companies across the globe to rethink how they store and handle customer data. Has your organization implemented the legal and technological controls required to comply?

    In this webinar, Daniele Catteddu, CTO of the Cloud Security Alliance (CSA) and Marina Segal, Lead Compliance Product Manager at Dome9, will discuss key challenges and best practices to address GDPR requirements. The webinar will cover compliance automation solutions available to help organizations achieve GDPR compliance and meet the May deadline.

    Topics we will cover:
    -Code of Conduct & Certification for GDPR Compliance
    -Where the most likely GDPR violations will occur
    -The impact of running workloads in the public cloud on GDPR
    -Best practices to simplify and speed up compliance
  • Privacy Level Agreement Code of Conduct for CSPs: a compliance tool for GDPR Recorded: Aug 17 2017 60 mins
    Nicola Franchetto of ICT Legal Consulting
    Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.
  • Developing a Proactive Approach to GDPR Compliance Recorded: Nov 3 2016 49 mins
    Yael Nishry and Doug Lane of Vaultive
    As the May 25, 2018 deadline for compliance with the new General Data Protection Regulation (GDPR) rapidly approaches, enterprise IT organizations must implement a cloud data security strategy that supports compliance and minimizes their organization’s exposure to new breach notification requirements and financial penalties as high as 20 million Euros or 4 percent of total annual turnover.

    Yael Nishry and Doug Lane from the Vaultive team have extensive backgrounds in risk management and enterprise security technologies. Join them for this event as they discuss what organizations should be doing to prepare for this new regulation.

    During this webinar you'll learn:

    · The key cloud data security takeaways from GDPR

    · What steps can you take to mitigate risk and reduce the notifications required in the event of a data breach

    · The challenges of data transfers under the new regulation and how to overcome them

    · What is the role and expectation of your cloud provider when it comes to GDPR

    · How your company can enforce best-practice segregation of duties between your data and the cloud service provider processing it
Your resource for webinars on all things GDPR
Learn all about GDPR. What is it? How should you prepare? What's the impact of the data protection officer on the enterprise? Hear from a variety of SMEs including regulators, privacy professionals, end-users, providers, and lawyers

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Managing cloud data breaches in a GDPR world
  • Live at: Apr 15 2021 5:47 pm
  • Presented by: Brian Honan, BH Consulting
  • From:
Your email has been sent.
or close