Name: How to Leverage ISO 27701 to Fulfill Data Privacy and Compliance Requirements
Start: 2023-12-05T23:00:00Z
End: 2023-12-05T23:01:01.000Z
Location: BrightTALK
Rating: 4.5

Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.

There was a time that Americans were beginning to be as attuned to data privacy as their European counterparts.  Recently though, the pace of passage of privacy legislation has slowed.  If commercial advertising is to be believed, the public’s concern is more about cybersecurity and AI than privacy.  Even in countries subject to GDPR, the growth in the number and amount of fines does not indicate greater adoption of privacy measures, but rather the reverse.  This session will provide guidance to security and privacy professionals on maintaining data privacy investments and efforts in the face of diminishing mindshare.

Tune in to this webinar to learn:
- Where data privacy sits in relation to other security imperatives.
- Why laws and regulations alone will not help meet privacy objectives.
- How to maintain data privacy as an enterprise commitment.
- How to incorporate provisions for privacy in cybersecurity and AI efforts.

Who Still Cares About Data Privacy?

New regulations like EU DORA, NIS 2, and state AI laws are shifting liability from organizations to individual cybersecurity professionals, creating unprecedented personal legal risks. This shift means practitioners now risk individual prosecution and career-ending consequences for security decisions made under pressure.

The modern CISO must balance technical expertise with legal acumen, understanding how incident response choice, from ransomware payments to breach notifications, can create personal liability. As litigation increasingly targets individual practitioners alongside organizations, developing legally defensible security strategies has become essential for professional survival.

Join Dr. Ilia Kolochenko (CEO at ImmuniWeb and Attorney-at-Law in Washington, DC) to explore practical legal frameworks that protect your career while maintaining operational security effectiveness.

Takeaways: 
- Identify specific personal liability risks under current regulatory frameworks. 
- Master incident response protocols that protect both organization and individual standing. 
- Recognize critical gaps in cybersecurity insurance that leave practitioners exposed. 
- Develop strategies demonstrating due care to mitigate personal legal exposure. 
- Balance technical security requirements with evolving legal obligations.

Navigate Personal Liability Risks in Today's Cybersecurity Landscape

Generally Accepted Privacy Principles (GAPP) was developed specifically to enable auditors to assess organizations’ attainment of their objectives for data privacy.  Not aligned with any specific laws or regulations, GAPP is built on ten basic principles that apply to all of them, supported by 73 auditable criteria. This session will illustrate how to use each of these criteria to identify specific artifacts that lead to comprehensive conclusions regarding compliance with internal and external requirements.

Learning objectives:
- What are the business benefits of privacy compliance?
- What are the risks of non-compliance?
- Establishing privacy baselines.
- Using GAPP to create a privacy compliant organization.

Applying Generally Accepted Privacy Principles to Assessing Compliance

The US data privacy laws in the US are shifting from a "harms-prevention-based" approach to a "rights-based approach exemplified by the European Union's General Data Protection Regulation (GDPR). Following California's lead, four other states, including Colorado, Connecticut, Utah, and Virginia, will begin enforcing new GDPR-inspired statutes in 2023. The shift in the philosophical framework will have profound implications for data privacy protection.

The US has historically allowed businesses and institutions to collect personal information without consent while regulating those uses to prevent or mitigate harm in specific sectors. The EU, on the other hand, has long pursued a rights-based regime for protecting personal information, which holds that data privacy is a fundamental human right. This has roots in Europe's history of suffering through the infamous data collection of the Nazis and the similar collection of data by the formerly communist East Germany's secret police. The GDPR, which became enforceable in 2018, codified several key principles reflecting the Europeans' human rights philosophy. The new laws will be applicable to specific industries and types of institutions and will impose restrictions on industries and institutions regarding their handling of personal information. More states are likely to follow the GDPR in the coming years.

This webinar entails to:
- Introduce the market drivers of the US privacy laws industry and their roles.
- Illustrate the shift in the philosophy underlying data privacy laws in the US.
- Comparison of the US "harms-prevention-based" approach vs the European Union's approach is more rights-based.
- Summary of the EU ‘s General Data Protection Regulation (GDPR), which became enforceable in 2018.
- Understanding how the principles reflected in the new data privacy framework will have profound implications in the years to come.

The New Era of Data Privacy Laws

There is no shortage of privacy laws and regulations. We keep hearing that the latest privacy laws “will change everything”, but have they made a real difference? This session proposes an alternative approach. Privacy can be treated as an attribute of personally identifiable information and can be managed using data management techniques. Rather than building privacy programs on compliance with laws, it may be more productive to manage the data itself.  

Key takeaways include:
1.      Why and how data privacy has been managed in recent years.
2.      How the compliance-based approach to privacy has shaped organizational approaches to the issue.
3.      How data management principles can offer a different, and perhaps better, way for managing privacy.
4.      How a data management approach would alter organizational structures.

Have We Been Doing Data Privacy The Right Way?

Ransomware and other forms of malicious cyberattacks are a top threat to IT availability; and generally speaking, to ongoing business viability.  A key element to reducing business impact and downtime is having well thought out options, both IT and business led options for compromised data recovery that can be adapted and undertaken quickly to address the particulars of a successful ransomware attack.

Join us for this session that will shed some new insights on what it takes to reduce the risk of a failed data recovery effort. 
Key takeaways include: 
1. The IT and non-IT led approaches to data recovery (its far more than restoring from backups).
2. Determining what data is most worthy of advanced levels of protection and recoverability.
3. How to get the business community ready to do their part.

About the speaker:
John Beattie has been a Principal Consultant with 11:11 Systems for more than 15 years where he has consulted with organizations looking to reduce operational risk by establishing or transforming their operational resilience programs including, business continuity, disaster and data recovery, and crisis management programs. He currently leads 11:11 Systems’ cyber-compromised data recovery consulting team.  

Prior to joining 11:11 Systems,  John was the Global Director of Business Continuity for News Corporation. He also worked at Ernst & Young for more than 15 years where he worked closely with clients across many industries on a wide variety of strategic and tactical information technology and business process improvement engagements.

John has attained FBCI certification from the Business Continuity Institute and Certified Third-Party Risk Professional (CTPRP) from the Shared Assessments Program. He is an alumnus of the New Jersey Institute of Technology where he earned undergraduate degrees in Industrial Engineering and Applied Mathematics and a Masters degree in Computer and Information Science.

Compromised data risk management: It's everyone's business

Compliance and risk management on Wall Street is vitally important to the health of a well-functioning economy and its financial markets. Regulation across all sectors of Wall Street, from broker-dealers to registered investment advisor firms to hedge funds and other financial service firms, has become increasingly more robust and stringent over the past decades. 

This presentation will discuss practical ways that firms can improve their compliance and risk management strategies to mitigate the many risks to their clients and to the firms themselves that can arise from lax and ineffective compliance and risk management strategies. This presentation will be given by Dr. Paul Wendee, a 40-year veteran of Wall Street who has owned and/or managed several Wall Street firms (broker-dealers, investment banking firms, investment advisory firms, and hedge funds).

Here are some of the topics attendees can expect:
1. Why is compliance and risk management on Wall Street important?
2. Compliance and risk management for securities broker-dealers.
3. Compliance and risk management for registered investment advisors.
4. Compliance and risk management for investment banks.
5. Compliance and risk management for hedge funds.
6. Compliance and risk management for other financial service firms.
7. Some interesting examples of frauds that have been perpetrated on Wall Street.

Compliance and risk management on Wall Street

Financial systems must follow certain rules that may seem the same on the surface, but in practice have significant differences. Financial institutions are highly regulated entities, which are required to comply with various statutory regulations. Many of these compliance rules pertain to cybersecurity. One might assume that compliance with these rules will make a company secure. While compliance is necessary, that alone is rarely sufficient to guard against tomorrow’s security threats. Compliance are rules based on the past; effective cybersecurity must anticipate the future. 

Tune into this webinar from industry expert Jerald Murphy (Nemertes Consulting) will discuss actions organizations can take to overcome hurdles to ensure companies can be compliant, with maximum agility in dealing with the latest cybersecurity threats.

Overcoming security and compliance challenges in finance

In the digital business world, reliability of service and customer satisfaction are fundamental benchmarks for application success. Google’s Service Level Objectives (SLOs) are a way of setting measurable goals around customer satisfaction and reliability to determine the level of service quality an application provides.  

Within the financial services sector, while reliability and customer experience are important, in the face of continued regulatory reform, application teams are also responsible for ensuring that all regulatory requirements and processes are being followed. SLOs can be used to directly implement these requirements, e.g., Payment Service Directive 2 (PSD2), with the necessary KPIs and automated alerts. 

In this session, Xue Liu (Reliability Lead in Deutsche Bank’s Private Bank Center of Expertise,) shares tips and best practices for embedding regulatory requirements into your SLOs. 

Join the session to discover:  
- Why incorporating compliance within SLOs matters and how it contributes to overall application success. 
- Best practices for integrating regulatory requirements within your SLO frameworks to ensure customer satisfaction, site reliability and adherence to industry regulations. 
- Collaboration strategies and processes to bridge the gap between compliance and application teams. 
- And more...

Drive compliance and regulatory requirements with service level objectives

According to The Life and Times of Cybersecurity Professionals 2021 report by the Information Security Systems Association, the ongoing cybersecurity skills crisis has steadily continued for over five years. Organizations are consistently on the prowl for talented cybersecurity professionals to combat increasingly prevalent and sophisticated cyber attacks. However, is hiring the “best fit” the only option organizations have to address the ongoing cybersecurity skills shortage? 

After working alongside the constant cybersecurity skills shortage, CISOs understand that only looking to hire talent won’t cure the longstanding problem. So how are security executives addressing the growing need for cybersecurity skills? Join Hosts Dan and Earl with guests as they take a deeper look into the cybersecurity skills shortage and:

- Innovative new strategies organizations are utilizing to tackle the cybersecurity skill shortage from integrated security architectures to partnerships with third party services or vendors
- Investing in IT and security staff through cybersecurity training
- Embracing automation and analytics to streamline security processes

The Cybersecurity Skills Shortage: Why, How, and What To Do About It

The increasingly distributed nature of the modern enterprise is making zero-trust security approaches more relevant than ever. In this research-led session, John Grady, ESG Principal Analyst, will focus on how organizations are thinking about, planning for, and implementing zero trust across their environments.


Join to find out how zero trust can provide a framework to secure even the most complex environments, whether implementing least-privilege tenets for user access or securing the connections to and between the disparate aspects of today’s hybrid multi-cloud deployments. You'll learn exactly what a zero-trust initiative should entail, where to begin, and how best to overcome the organizational obstacles that result from such a cross-functional undertaking.

Zero Trust Security Strategies to Safeguard the Enterprise

As organizations are looking for ways to stay on top of an evolving threatscape, many are
looking towards AI to enhance their security strategies and fend off cyber attacks before they
happen. In the 2022 CIO and Technology Executive Survey by Gartner, 66% of respondents
reported that they expected to increase cyber and information security investments for the
next year. More than half of respondents reported that they planned to heavily invest in
business intelligence and data analytics.

However some security leaders are cautious about adding artificial intelligence into their
security arsenal. Despite rapid advancements in AI, these solutions can also come with their
own unique set of drawbacks. Some skeptics say that AI technology is still immature and
that there may be simpler, more cost-effective solutions. With all the interest surrounding AI
in cybersecurity, it’s important for organisations to establish realistic expectations.

Join this panel to learn more about:
- The current state of AI in security
- What CISOs and their teams should keep in mind about AI
- How AI impacts your workforce strategy
- And more!

Speakers:
- Dan Lohrmann, Field CISO at Presidio
- Earl Duby, CISO at Lear Corporation
- Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
- Warsamé Ahmed, Co-Founder & CEO at BR[AI|YT.ai

Using AI in Cyber Security: Boon or Bust?

Secure access to cloud is broken. By now, you must already know that the traditional VPNs are the weakest links when it comes to secure access into your mission critical infrastructure. This is due to two fundamental flaws. 

VPN aka virtual private network, as it suggests, provides a virtual network extension over a secure link. That means, if the endpoint that is connecting over the VPN, is compromised, an attacker can gain secure access your infrastructure.

Once insider your network, the intruder now has the license to roam within the subnet/VLAN and, unless you have an error free setup, perhaps the intruder has the license to roam across the enterprise.
 
Time and again, we have witnessed VPNs being exploited by the adversaries and, if you want to stay protected, please ensure that you get off the traditional VPN train first.

The modern-day alternative to VPNs is called Zero Trust Network Access (ZTNA). However, the ZTNA solutions lack end to end segmentation. That means, if the attacker somehow gains access to one of your hosts over ZTNA, the attacker will then be able to roam laterally withing your organization. This is the predominant way for Ransomware to spread and compromise most of your assets.

What you need is a combination of modern Secure Access technology coupled with an agentless micro-segmentation solution and a potent incident response tool.
 
This will be the focus of our session. In this session, you’d learn how to
• Provision agentless segmentation at scale across your organization for all your assets – TV, Toaster, Laptops, VMs, Servers, and even containers
• Gain end-to-end visibility and control for all traffic
• Secure high value assets distributed across your organization
• Deploy a Ransomware Kill Switch™ that prevents ransomware spread

The correct way to “Cloud-Access”

Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels? 

Here is where the zero-trust approach to security comes into play. 

Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

Viewers will learn about:
- The evolution of the security perimeter and the shift to zero trust
- Why zero trust is an approach and not a product
- Zero Trust Network Access (ZTA) vs. corporate VPN
- Real-world stories and practical hands-on guidance from people who have deployed a ZTA

Speakers:
- Mari Galloway, CEO, Women's Society of Cyberjutsu
- Jonathan Nguyen Duy, Vice President, Global Field CISO Team, Fortinet
- Bob Rudis, Chief Data Scientist, Rapid7

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Zero Trust for the New Normal

Phishing and ransomware attacks continue to rise, according to Proofpoint’s State of the Phish report for 2020. Organizations in the U.S. are at risk, the increase in remote work due to the pandemic has fueled a spike in attacks, and phishing attempts are up by 14 percent compared to the previous year. 

Email continues to be the number 1 delivery vehicle, but other social engineering schemes that rely on social media, voicemail (“vishing"), SMS phishing (“smishing”), and malicious USB drops are also of concern for organizations. Ransom demands are also on the rise, but according to the report, paying the ransom is not guaranteed to work as many companies that paid the ransom failed to receive a decryption key. 

Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
- The rise in ransomware under the cloak of the pandemic 
- Why email continues to be the channel of choice 
- The difference between fully automated and human-operated campaigns
- How to decide whether or not to pay or not to pay the ransom
- Why your backups may not be immune to ransomware
- Addressing the threat with best practices

Speakers
-  Nicole Hoffman, Intelligence Analyst, GroupSense 
-  Courtney Radke, CISO for National Retail, Fortinet 
-  Patrick Lee, Senior Incident Response Consultant, Rapid7

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Ransomware in the Remote Work Era

Requiring non-security specialists to describe their posture and informing the management hierarchies on our current security posture is difficult. The language is foreign and does not lend itself to exactness. The eternal question is “Are we secure? The expected answer then cannot be “It depends…”, but rather an aggregated statement, very close to a single “Yes” or “No”. 

In case of a negative response, it is also expected to hear of the gaps and the plans to fill them to become secure again.

 

To accomplish this aggregated statement, a traditional assurance cycle of up to a year is too slow. The product owners need to have security activities in their backlog, they need to know when circumstances change to be able to address them based on risk. The management hierarchy needs to be informed with the current security posture and what implications that brings.


The road to prevent breaches is paved with measurements, a quick feed-back loop and AI assisted decision making. All meant to push security decisions out in the organization.

Here one could add the analogy of driving a car, where the driver, or senior manager, has to take decisions based on situational awareness and information provided by the car. The driver does not need to know the exact oil pressure or the cooling temperature, but rather if it has reached a hazardous level. The driver cannot base decisions on oil pressure solely by dipping the stick before starting the journey, which would be equivalent to classic compliance.

To prevent breaches senior management need to know that circumstances have changed, when they change, and ultimately that they are about to change.


In this webinar you will be inspired by a Proof of Concept and an idea of how to implement and extend it.

Proactive Breach Prevention using Automated Compliance and Continuous Auditing

This month's episode of The (Security) Balancing Act will focus on botnets as a growing threat to the enterprise, examples from the real world, and what enterprises can do to better protect against botnet-fueled state sponsored attacks.

Join this interactive roundtable discussion with security experts and industry leaders to learn more about:
-  How botnets have become a tool for cyber criminals and nation state actors
-  Real-world examples & known botnet attacks 
-  Nation state ransomware attacks
-  DDoS attacks
-  Cyber espionage
-  ATPs
-  The trouble with attribution
-  What enterprises and governments can do to address the threat

Panelists:
-  Johna Till Johnson, CEO and Founder of Nemertes Research
-  Derek Manky, Chief, Security Insights & Global Threat Alliances, Fortinet
-  Craig Harber, Chief Customer Success Officer, Fidelis

This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.

Taking Down Nation State Botnets

As data collection and analysis become increasingly central to business, research, and governance, protecting sensitive information is more crucial than ever. This session will examine the privacy, ethical, and security challenges involved in analyzing sensitive data such as personal health records, financial information, and other confidential datasets. 

Key questions to be addressed include: 
- How can sensitive data be ethically and responsibly analyzed while still protecting individual privacy? 
- What technical and policy safeguards are essential when working with sensitive data? 
- How can risks related to re-identification, unauthorized access, and data leakage be mitigated? 
 
This talk presented industry thought leader Donald Farmer will review best practices and frameworks for enabling secure and ethical data analysis across various industries and applications. Expert perspectives on navigating emerging regulations, managing tradeoffs, and aligning analytical objectives with privacy values will be discussed. Attendees will gain critical insights into analyzing sensitive data securely while upholding public trust and mitigating risks.

Analyzing Sensitive Data: Privacy, Ethics, and Security Considerations

The difficulties of securing data in cloud-native applications are many, for example:
• There exists a proliferation of data islands, complicating the creation of a unified cloud security view;
• As microservices are created, evolved, and removed, those islands can remain unused—yet still pose a risk to you;
• Propagation and caching of sensitive data between microservices can result in compliance blindness.

That’s not to mention the variety of data storage formats with which IT pros must contend and protect (such as file, object, block, and SQL). Let’s hit the reset button, shall we?

Join us in this Fireside Chat at the Data Security Risks and Challenges BrightTALK Summit to discover 5 principles—based on the basics—with which you can improve cloud-native app security and to see how CNAPP solutions are making a real difference. Tim Miller, Technical Marketing Engineer at Outshift by Cisco joins the discussion with Enterprise Strategy Group analysts.

Securing Your Data in a Cloud-Native Application World

Companies need to understand “wicked” problems, and the best way to navigate the organization during periods of uncertainty.

Companies should ask themselves how speedy their response be to a data security incident, when escalating to the senior leadership team, more so when it is an extortion and/or ransomware attack that involves critical data sets.

Tune into this session presented by disaster recovery and cyber resilience expert Steve Yates as he brings to light the crisis management options for those scary technology moments for when super speedy decisions are needed (or are they)?

By the end of the session, you will be able to:
- Be aware of data security incident management processes and procedures. 
- Form an understanding of the need for having a plan (runbooks/playbooks) and agreed crisis escalation process.
- Be conversant with a joined-up thinking approach when reviewing technology incident management that is “fit-for-purpose”.

Data Security Incident Management: What Keeps You Awake At Night? Part 3

In IDC’s recent survey (Data Loss Prevention Survey, sponsored by Forcepoint, October 2023), 80% of customers indicated they are synching their DLP policies across endpoint, cloud applications (CASB), and web traffic (SWG) but they find it extremely time consuming and resource intensive. Given the option, even more (85%) would choose a single DLP solution that they could manage across endpoint, CASB, and SWG channels.

In this webinar, Frank Dickson, IDC Group Vice President and Jim Fulton, Vice President, Product Marketing show how 31% productivity gains can be achieved as well as cost and time savings by moving to a single DLP solution across endpoint, cloud, and web applications.

Join this session to learn how Forcepoint can solve this problem for you with Data Security Everywhere.

1: IDC’s recent survey (Data Loss Prevention Survey, sponsored by Forcepoint, October 2023, US51335023

Unified DLP Revolution: IDC Unveils Game-Changing Solutions

Data, your most important asset, is growing at a breakneck pace and must be accessible to be useful in today’s business. How do we enable agility and innovation while enabling the necessary security controls? Gaining visibility into your data, where it resides, and who has access can help you proactively limit the scope and impact of a cyber attack. Join our industry experts as they discuss strategies and best practices for a proactive approach to data security.

Make sure to take a look at the attachments as well - we've added extra learnings on how to optimise data protection and provided you with additional resources to help set you up for success.

Strategies and Best Practices for Proactive Data Security

Join the BrightTALK Summits webinar addressing Data Security Risks and Challenges!

Say farewell to the era of weak passwords vulnerable to modern threats. Safeguarding your Active Directory necessitates a robust password policy. Native Windows tools often fall short in tackling today's security challenges and complex compliance requirements. The struggle is real, isn't it?

Introducing the game-changers: Netwrix Password Policy Enforcer and Netwrix Password Secure. Brace yourself for password enforcement that's not only powerful but also incredibly user-friendly. Bid farewell to the headaches and embrace rock-solid security. Your Active Directory will thank you!

Watch this session to discover how to:

- Set up a robust and user-friendly password policy for your Active Directory.
- Prevent the use of weak passwords by customizing dictionaries and cross-referencing against the HIBP database of compromised passwords.
- Simplify password compliance with pre-defined policy templates.
- Enforce the generation of passwords that meet policy requirements.
- Ensure secure password sharing among your employees.

Securing Your Active Directory: The Power of a Resilient Password Policy

Staying ahead in the dynamic landscape of data privacy and compliance is not just a necessity but a strategic advantage in order to stay compliant and gain trust from your customers. As we approach 2024, several key trends are emerging that will reshape your understanding of and methodology to these crucial areas. 

Our live talk, on December 5 at 2 pm ET, led by Gary Brickhouse, CISO along with Dan Mengel, Practice Director, Compliance and Jason Eddinger, Senior Security Consultant, Data Privacy will discuss these pivotal shifts that will significantly impact your strategy heading into 2024.

Register today.

Navigating Compliance and Data Privacy Trends Into 2024

With the explosion in AI, organizations need to be mindful of the security risks that this cutting-edge technology can bring. Rob Van de Veer, Senior Security Director and Trusted EU Advisor, shares how to implement rigorous security protocols in the world of AI engineering, AI lifecycle management, AI models, and privacy controls.

A.I. Security | A strategic guide to implementing security and risk controls

In an era where artificial intelligence (AI) is transforming industries and reshaping the way we live and work, striking the delicate balance between innovation and data privacy compliance is paramount. This session delves into the evolving landscape of AI, discussing how businesses can harness its power while safeguarding sensitive data and adhering to privacy regulations. Explore the challenges, ethical considerations, and strategies that are shaping the future of AI in a privacy-conscious world.

In this session, you will: 
1. Recognize how AI is reshaping industries and business operations, presenting exciting opportunities for innovation.
2. Understand the increasing concern regarding data privacy as AI systems rely on vast amounts of personal and sensitive information.
3. Gain insights into navigating the complex regulatory landscape, including GDPR and CCPA, to ensure compliance in AI projects. 
4. Explore ethical concerns such as bias, fairness, and transparency in AI development and their intersection with data privacy.
5. Learn about strategies and best practices for maintaining a balance between AI innovation and data privacy, building trust with consumers, and staying compliant.

Data Privacy and the Future of AI: Balancing Innovation and Compliance

Data Security Risks and Challenges

The International Standards Organization’s ISO 27701 privacy information management standard is a framework that covers both security and privacy compliance aspects of various privacy regulations around the world. As a certified ISO 27701 Lead Auditor, Ralph Villanueva is more than happy to help the audience and their organizations resolve their data privacy risks and issues by pointing out how to use this very useful framework. 

Tune into this informative talk to learn the benefits of this new frameworks and how to make the best use of it. Even better, this framework will make enterprise-wide privacy compliance more cost effective across geographic locations, and add more value to the audience’s privacy work within the company as well.

How to Leverage ISO 27701 to Fulfill Data Privacy and Compliance Requirements

Data Security

Data Privacy

Data Compliance

Compliance

privacy compliance

Privacy

Security as a Service

Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How to Leverage ISO 27701 to Fulfill Data Privacy and Compliance Requirements

Presented by

About this talk

Governance, Risk, and Compliance