Riding New Data Regulation Waves: Intro to CCPA

Surf's up! Coming into force in 2020 is the California Consumer Privacy Law. As a new privacy law in the United States, the CCPL breaks significant ground. Following international trends, those living in California will soon have stronger privacy rights.

If you do business in the state or process data on California residents, time to pay attention. Get amped with Privacy Technologist Victoria McIntosh, breaking down what you need to know about the new regulation.
Recorded May 22 2019 54 mins
Presented by
Victoria McIntosh, Information & Privacy Professional

  • Harmonizing Standards & Controls for Intelligent Risk Governance Dec 17 2020 6:00 pm UTC 75 mins
    Moderated by Colin Whittaker, Founder of Informed Risk Decisions.
    One of the biggest challenges faced by compliance officers, CISOs, and CROs in today’s world is complying with various standards available in the market. Historically, risk management has been a complex subject, and many companies continue to exercise risk oversight in siloed ways that limit the board’s view of risk, leaving management blind not only to certain risks but also to the opportunities that risks present.

    To address risk effectively, risk management must be integrated into day-to-day business practices. An enterprise-level approach to standards and controls harmonization can enable risk intelligence, putting the right risk-related information in the hands of the right people at the right time, while avoiding the common pitfall of capabilities becoming siloed. Attend this CPE accredited webinar to gain insights from our expert panel on the key factors, including how to:

    - Promote an integrated approach to risk management and assurance.
    - Assign risk-related roles and responsibilities.
    - Define a comprehensive list of controls to implement.
    - Track the progress of the governance program along a Risk Intelligence maturity model.
  • [Earn CPE] Executive Tips to Present Cybersecurity to the Board Nov 19 2020 6:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • [Earn CPE] A Third-Party Risk Management Masterclass Sep 24 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • [Earn CPE] Executive Tips to Modernize Your Compliance Program Aug 27 2020 5:00 pm UTC 75 mins
    Under the weight of new and changing regulations around the world, many organizations struggle to achieve compliance. They often lack a holistic view of their compliance profile and face increasing challenges due to digital transformation. Chief Compliance Officers who take a top-down approach are often met with resistance, but a successful program requires management to actively participate, not just sign off.  

    Organizations can no longer afford to apply check-the-box approaches to compliance. Executive management must take a variety of actions to demonstrate leadership and commitment to the company’s compliance management program. On this CPE accredited webinar our panel of experts will discuss the current compliance landscape and challenges facing today's organizations, and they will address best practices to modernize your compliance program, including how to:

    - Use a risk-based approach to meet regulatory demands.
    - Employ digital transformation in the management of compliance obligations.
    - Understand the impacts of regulatory changes and minimize resource-intensive manual processes.
    - Get buy-in from other departments and create a working group of stakeholders to develop and improve your compliance program.
  • [Earn CPE] Implementing a Global Privacy Framework for End-to-End Compliance Jul 30 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
    GDPR is a global phenomenon because, as we all know, it applies not only to organisations located within the European Union (EU) but also to those outside of it, if they market to or monitor EU data subjects. It has set a benchmark that non-EU regulators are increasingly willing to match or even exceed, with emerging legislation such as the California Consumer Privacy Act and India’s Draft Data Protection Bill enacted.

    For many organisations, implementation was less challenging than they feared, as a lot of the building blocks for the CCPA were already in place after GDPR implementation. However, the bigger picture is that many issues are not yet fully resolved. The detail surrounding the data organisations hold (whose it is, why it is being held, and how it is being managed), not just across IT systems but also devices, messaging services, social media and more, is often not yet clear. The way that the GDPR bumps up against existing laws is also not fully resolved. Just one example is data retention, where other laws require data to be kept for longer than the GDPR demands.

    Add to that the varying business imperatives, regional differences, and legal perspectives that impact on data privacy, and in many ways the journey is just beginning. The positive here is that as these issues are addressed, better privacy models will emerge that not only aid compliance but also boost agility and support business growth. Join this CPE accredited webinar and listen to our expert panel discuss how to implement a global privacy framework for end-to-end compliance, including how to:

    - Better align global privacy data regulations,
    - Enable business agility by fostering greater interplay between CIOs, CTOs, DPOs and CEOs,
    - Create successful privacy frameworks that are globally aligned, and locally deployed.
  • [Earn CPE] Automated Integrations for Third-Party Risk Management Jun 25 2020 5:00 pm UTC 75 mins
    Panel Moderated by Colin Whittaker, Founder of Informed Risk Decisions
  • Data Privacy in 2020 and Beyond Jun 17 2020 3:00 pm UTC 60 mins
    Panelists TBA
    Is your organization aware of the main differences in data regulations around the world?

    Join this panel of industry leaders for an interactive Q&A roundtable to get a comprehensive look into the different data privacy and security requirements. The panel will also discuss what to expect in 2020 and beyond.

    Viewers will learn more about:
    - What's new on the data privacy and compliance landscape
    - Main differences between data regulations around the world and what this means for your organization
    - Expert recommendations regarding best tools and practices for achieving and maintaining compliance
    - The future of data privacy
    - What to expect in 2020 and beyond
  • [Earn CPE] Privileged Access Management: What You Need to Know for Data Security May 21 2020 5:00 pm UTC 75 mins
    Colin Whittaker with Chad Wood, Galvanize; Joseph Carson, Thycotic; Chad Carter, Wallix; and Ilia Sotnikov, Netwrix
    Whether your organization is just getting started with a Privileged Access Management (PAM) program, or you are focused on implementing advanced PAM strategies to align with new digital transformation investments, this CPE accredited education webinar will address what you need to know for data security.

    Our panel of experts will outline the key challenges and offer some clear recommendations that emphasize the critical role of people, processes and technology in effectively mitigating PAM risk and making purchase decisions, including:

    - Tracking and Securing Every Privileged Account.
    - Governing and Controlling Access.
    - Recording and Auditing Privileged Activity.
    - Operationalizing Privileged Tasks.
  • [PANEL] How to Simplify Cyber Risk Management? May 13 2020 3:00 pm UTC 60 mins
    Kalani Enos (Immersion Security) | Panelists TBA
    In today’s multi-cloud and hybrid environments, CISOs are struggling to secure assets, manage security policies across clouds, and monitor and mitigate risks, while also supporting the business. How are CISOs solving the challenge of complexity?

    Join this panel of experts to learn how to simplify cyber risk management as well as maximize the value of your team and technology.
    - Risk scoring and security controls
    - How to identify risks for organizations and their third-party vendors
    - How to prevent, detect, and respond to, privacy and network security incidents
    - Best of vulnerability and risk management in a multi-vendor environment
    - Best practices and use cases across industries

    Kalani Enos, Partner, VCISO & Threat Intelligence, Immersion Security (Moderator)
  • GDPR’s 2nd Anniversary: Wins, Challenges & Lessons for Organizations May 6 2020 4:00 pm UTC 60 mins
    Panelists TBA
    It’s been two years since EU's General Data Protection Regulation (GDPR) came into force. So far, $126 million in fines have been imposed, and over 160,000 data breaches have been reported in this time -- most of them coming from the UK, Germany or the Netherlands, according to the law firm DLA Piper.

    Join us for an in-depth look into how the data regulations world has changed since GDPR and what this means for businesses in the US, UK, Europe and globally (compliance, security, privacy).
    - Post-GDPR data regulations around the world
    - GDPR vs CCPA
    - Data access rights - Has anything changed?
    - Facial recognition & GDPR
    - Is GDPR turning into a “paper tiger”
    - GDPR & the Coronavirus pandemic
  • [Earn CPE] Achieving Faster Business Growth with Better Vendor Onboarding Apr 23 2020 5:00 pm UTC 75 mins
    Speakers: Evan Tegethoff, Will Ricciardi, and Andrew Calo of BitSight Technologies
    Companies work with third-party vendors to help them become leaner, more agile, flexible, and efficient, so they can go to market faster and beat the competition. However, onboarding remains the most time-consuming and pressurized part of the process, as security leaders try to balance meeting the demands of the business with the fundamentals of good security. According to Gartner it now takes an average of 90 days to onboard a new vendor, 20 days longer than four years ago.

    Furthermore, the recent large scale shift to work from home in response to COVID-19 has accelerated the adoption of new vendors as companies try to enable a newly remote workforce, adding even more pressure on third-party risk managers to onboard and operationalize third-parties faster than ever. Join BitSight’s Evan Tegethoff, Will Ricciardi, and Andrew Calo to learn how third-party risk managers can create faster, less costly and more scalable onboarding processes that enable the business to grow faster and become adaptive to a changing environment, including how to:

    - Reduce time and cost to onboard new vendors
    - Scale your program more efficiently
    - Use tiering to prioritize your assessment process
    - Use an adaptive process to monitor your vendors
  • The threat within: Are we ready for the future of DDOS attacks? Apr 9 2020 12:00 am UTC 45 mins
    Udaya Wijesinghe, Senior Cybersecurity Architect, Optus
    - Why is the threat landscape changing so rapidly in terms of DDoS?
    - Why do we need to understand the anatomy of a cyber-attack?
    - What is the impact of 5G, IoT and the DarkWeb on cybersecurity?
    - What are the limitations of current cybersecurity architectures?
    - How to improve cybersecurity architecture to deal with an emerging threat?

    The proliferation of IoT devices, 5G mobile devices and the Darkweb leads to a new attack vector which sits in your backyard. In 2016, attackers leveraged vulnerabilities in IoT devices to launch massive botnet-based DDoS attacks (e.g., the Mirai botnet). The last two years are evidence that a massive DDoS attack has the potential to cause more significant disruption in the world. Current security architectures are not effective if the attack originates from their backyard. The talk will discuss the limitations of existing security architectures of Telcos in terms of DDoS detection and mitigation. With today’s changing threats, the reality is that security professionals need to continually evaluate and adjust their game plans to remain productive and resilient against cyber threats. The talk then looks into a modified security architecture to deal with emerging DDoS attacks.
  • Preventing an Enterprise Win10 Rollout Being Remotely Controlled and Ransomed Apr 8 2020 2:00 am UTC 45 mins
    Murray Goldschmidt, Chief Operating Officer, Sense of Security Pty Ltd
    A case-study for static and dynamic testing of Win10 enterprise rollout images. How this saved an organization from deploying an image that would have resulted in 10,000+ machines being remotely controlled by an adversary for ransom. Hardening reviews, configuration management, app whitelisting effectiveness, encryption recovery, and the ability to detect and defeat sleeper malware are described.
  • Data Protection & Privacy During the Coronavirus Pandemic Recorded: Apr 2 2020 61 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    Remote work is quickly becoming the new normal and criminals are taking advantage of this chaotic situation.

    The EU Agency for Cybersecurity is providing guidance for the huge increase in the number of people working remotely and using tele-health; it is vital that we also take care of our cyber hygiene.

    Viewers will learn more about:
    - How to use encryption, controlling new storage of regulated data and data sharing in this new situation.
    - Anonymization leaves personal data open to re-identification, which exposes firms to GDPR non-compliance risks.
    - How are the HIPAA rules changing in this situation?
    - GDPR prescribes pseudonymization; how does that work?
    - How is CCPA changing the rules?
    - How to secure Wi-Fi connections to prevent snooping of your traffic, and keep anti-virus and security software fully updated, also on mobile phones.
    - How important files can be backed up remotely or locally. In a worst-case scenario, staff could fall foul of ransomware, for instance.
    - What apps are secure to use in this new era?
    - Should we use MFA, PW managers or local PW management?

    We will also discuss how to use the CERT-EU News Monitor to stay updated on the latest threats and check the following basics.
  • Cyber Breach Fatigue Recorded: Mar 31 2020 36 mins
    Rhonda Bricco (UnitedHealth Group), Deb Doffing (Optum), Sue Perkins (Optum), Cat Goodfellow (Optum)
    The stream of near constant data breaches has left consumers desensitized to the news their information was lost or stolen. We’ll discuss issues around complacency both in consumers and enterprises such as how long the customer cares after a breach occurs, whether data loss is as negatively impactful to an organization’s reputation as it used to be, and how breach fatigue benefits hackers.
  • [Earn CPE] How to Get More Visibility into Your Digital Ecosystem Recorded: Mar 26 2020 70 mins
    Kelley Vick, Host. With Chris Poulin, Principal Consulting Engineer at BitSight.
    In today's cybersecurity landscape, having continued visibility into your organization’s attack surface is essential to staying ahead of new and evolving threats. But as your digital ecosystem continues to expand, monitoring and mitigating cyber risk become increasingly difficult.

    During this CPE webinar, BitSight’s Chris Poulin, a risk reduction and cybersecurity expert, will take a deep dive into how you can evaluate your current digital risk management efforts, identify gaps, and prioritize improvements.

    Join us on Thursday, March 26, to learn how to:
    - Validate and manage your digital footprint across various ecosystems
    - Monitor for indicators of attack, compromise, and abuse
    - Leverage business context to prioritize remediation efforts and allocate resources
    - Initiate response plans to mitigate risks
    - Track and communicate progress with objective data across environments
    - Use risk intelligence to improve your security posture
  • Dealing with PCI DSS Compliance During the COVID-19 Crisis Recorded: Mar 25 2020 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The new normal during the current COVID-19 crisis is changing every aspect of the business world. It is also affecting how QSAs deal with PCI assessment.

    A QSA for the most part has to be on-site for a PCI assessment; how are they to do that when they can’t get to the site?

    On this webinar, The PCI Dream Team will:
    - Provide an overview of the PCI DSS requirements to be on-site
    - Discuss strategies to perform PCI assessments when being on-site is now impossible
    - Answer any specific questions to deal with this predicament
    - Detail work at home issues and concerns
  • Fact, Fiction and Planning: How a Business Can Cope with a Pandemic Recorded: Mar 19 2020 61 mins
    David Hutcheson, MBCI, Managing Director, Glen Abbot Ltd.
    This webinar will put to bed some of the myths around Covid-19 and give businesses practical advice on how to cope with a pandemic.
  • Coronavirus Actions and Risks for Tech and Security Leaders Recorded: Mar 13 2020 62 mins
    Dan Lohrmann (Security Mentor, Inc.) | Scott Larsen (Inova Health System) | Earl Duby (Lear Corporation)
    How are state and local governments responding to COVID-19? What are private sector companies doing now? From public health actions to directives for staff, what emergency response steps and risks should be considered?

    Join this webinar for the latest coronavirus playbook roundup and recommendations on how to address the outbreak. Learn the scope of the unprecedented challenges organizations are currently facing. Hear from industry leaders on how they are addressing the COVID-19 outbreak.

    Topics will include:
    - Policy, technology and process steps to take today to protect your workforce and organization.
    - How are orgs dealing with more staff working from home (telework)?
    - What mistakes can be avoided, and how?

    We will close with a Q/A session with the audience.

    - Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc.
    - Scott Larsen, CISO at Inova Health System
    - Earl Duby, CISO at Lear Corporation
Trends, developments, and technology
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

  • Title: Riding New Data Regulation Waves: Intro to CCPA
  • Live at: May 22 2019 9:00 pm
  • Presented by: Victoria McIntosh, Information & Privacy Professional