Hi [[ session.user.profile.firstName ]]

GDPR Summary: Why encryption and other measures are now a must?

Until recently, EU data protection laws mainly focused on data subject consent, proportionality, purpose limitation, transparency, etc. Information security, however, was very often deemed to be an area for the techies, not an area of legal compliance.
This will change as a result of two recent and major pieces of EU legislation: the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (NIS Directive).
Under the GDPR and the NIS Directive, businesses and operators of essential services (eg. hospitals; airports; etc.) will have to implement robust information and system security measures. In addition, the new rules contain a new name-and-shame mechanism: businesses and operators will have to inform the relevant authorities of security incidents. And they will have to inform the affected data subjects, unless the affected data were rendered unintelligible (for example by means of encryption).
Finally, the EU wants the new data protection rules to become a board-level issue and it has therefore decided to make the rules subject to hefty fines:
•If a business fails to comply with its data security obligations under the GDPR, it may get a fine of up to 10,000,000 EUR or 2 % of its total worldwide annual turnover, whichever is higher.
•Worse even, if a business is found to be in breach of certain other obligations under the GDPR, the fine may go up to a dazzling 4 % of its total worldwide annual turnover.
During this webinar, you will learn from Jason Hart, CTO at Gemalto and Tom De Cordier, an expert in data protection and information security law at CMS in Brussels, what the new rules mean in practice and what businesses should do to bring themselves in line with the upcoming requirements.
Recorded May 24 2016 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Adrian Davis, MD (ISC)² EMEA; Jason Hart, CTO Gemalto; Tom De Cordier, Lawyer and Partner, CMS DeBacker
Presentation preview: GDPR Summary:  Why encryption and other measures are now a must?
  • Channel
  • Channel profile
  • What is New with PCI-DSS Compliance in 2018? Nov 7 2017 4:00 pm UTC 60 mins
    Danna Bethlehem, Director Product Marketing, Gemalto
    The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
    This webinar will discuss and provide helpful information on the upcoming mandate including:
    •Overview of PCI DSS 3.2
    •What is new in PCI DSS 3.2 and what that means for your business
    •Comprehensive solutions that will help you ensure compliance
    •Mapping solutions to the needs of your department
    Please visit our BrightTalk channel to register for the webinar.
  • How Cryptocurrencies are Changing the Face of Financial Services Nov 2 2017 3:00 pm UTC 60 mins
    Eric Larchevêque, CEO at Ledger and Joe Pindar, CTO Office Director of Strategy
    Joint webinar with Ledger and Gemalto discussing how cyrptocurrencies have the potential to revolutionize the financial industry and what needs to be done to secure the digital assets.
  • Best Practices for Migrating from On-Prem to Cloud-based SSO Oct 25 2017 3:00 pm UTC 60 mins
    Ella Segura, Authentication and UX Expert at Gemalto
    According to Gartner, by 2021, IDaaS will be the majority access management delivery model for new purchases of access management solutions, up from less than 20% today. High maintenance costs and operational overheads as well as a shortage of skilled professionals are turning organizations to the cloud in an effort to outsource commodity IT services such as storage, content delivery, multi-factor authentication, cloud SSO and access management.
    As some organizations hesitate to change the status quo of their access management and MFA infrastructure, others have already managed to migrate their users and resources to realize significant savings and better utilize their existing budgets.

    In this webinar you’ll learn how to:
    •Reap cloud efficiencies from as-a-service delivery of a cloud single sign-on solution
    •Maintain your current investments while migrating to cloud-based access management
    •Leverage automation to drastically lower day-to-day operational overheads
    •Start global and go granular as you set up access management and cloud SSO policies
    •Accommodate diverse user groups such as administrators, partners, C-suites and mobile users
  • 451 Research & Gemalto Present "Alphabet Soup: Deciphering Multi-Cloud Security Oct 19 2017 3:00 pm UTC 60 mins
    Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto
    The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.

    In this joint webinar with 451 Research, we will cover topics including:

    -Building a multi-cloud security strategy for encryption and key management
    -Best practices, benefits and pitfalls of managing your own security
    -Impact of regulations on data protection in the next few years
    -Understanding the different CSP requirements for key management:
    oCustomer-Supplied Encryption Key (CSEK)
    oBring Your Own Key (BYOK)
    oHold Your own Key (HYOK)
    oGeneral cloud service provider key management services overview
  • Controlling access to infrastructure and applications, in cloud and on-prem Recorded: Oct 17 2017 64 mins
    Ulf Mattsson, CTO at Atlantic BT. Alex Hanway, Product Marketing Manager at Gemalto, David Morris, Pioneer in Cybersecurity
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
    This session will discuss Identity and Data Protection solutions for enterprise security, organizations can take a data-centric approach to their security posture, all while controlling access to the infrastructure and applications they rely upon — both on-premises, and in public and private clouds.
  • Are you Ready for DFARS? Recorded: Sep 27 2017 60 mins
    Eric Avigdor, Director of Product Management at Gemalto
    With the deadline for DFARS (Defense Federal Acquisition Regulation Supplement) quickly approaching, many business are scrambling to meeting compliance requirements. An important part of DFARS addresses the need for strong, two-factor authentication, as well as physical access controls to organizational information systems, equipment, and the respective operating environments to authorized individuals.
    Are you prepared? If you’re like many other government contractors and subcontractors, a little advice may be needed to navigate the waters of physical and user access controls.
    Gemalto’s Identity and Protection expert, Eric Avigdor, will be present and informative look at DFARS and what options are available to ensure compliance. What Eric will discuss:
    •Overview of DFARS mandate
    •Use cases – our experience from the field
    •Comprehensive solutions that meet the multi-factor authentication and physical access controls required by the DFARS mandate
    •Mapping solutions to the needs of your department
  • The Blockchain Bubble: Identifying viable opportunities for blockchain Recorded: Sep 26 2017 61 mins
    Joe Pindar, CTO Office Director of Strategy
    Blockchain technology is popping up everywhere from the currency market to smart contracts. The growth in the technology is evident from the investments being made, for example, PwC estimated that in the last nine last nine months of 2016, $1.4 billion had been invested globally in blockchain startups. This stems from its potential to enable efficiencies and cost-saving opportunities based on moving to a decentralized approach and away from the current centralized systems. With all the hype around blockchain, companies need to cut through the hype and ask the question - when does blockchain actually make business sense?

    Blockchain is not a silver bullet and cannot solve every problem. There is also the added complexity of managing the security of many distributed nodes can only be justified by gaining business benefits from using blockchain. In this webinar, we will look at a business qualifying approach to blockchain to help you evaluate valid blockchain use cases and identify the security needs surrounding blockchain operations. Join us to learn more on:
    •Securing blockchain from the edge to the core
    •The operational benefits and pitfalls of blockchain technology
    •Our 4 step qualification process for blockchain business opportunities:
    1.Is there an established business process?
    2.Are there more 3 parties involved – i.e. is it a distributed problem?
    3.Is it important that the data being exchanged is trusted and considered to be factually accurate?
    4.Would automation improve the performance of the process?
  • Law Enforcement Data On the Move: Don’t make CJI a Crime Recorded: Jul 20 2017 57 mins
    Stan Mesceda, Encryption Expert at Gemalto
    Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
    Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
    “When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”

    Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
    Attendee takeaways:
    •Overview of CJIS-SP mandate
    Network vulnerabilities and how Ethernet encryption can help secure data in motion
    •Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
    •Mapping solutions to the needs of your organization

    For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
  • Turning the Table on Hackers and Breaches Recorded: Jul 11 2017 45 mins
    Jason Hart, CTO of Data Protection at Gemalto
    Data breaches in 2016 got even more personal with big hacks of adult entertainment sites and social media databases. Hackers mined these for gold, in other words, valuable data to create social engineering attacks, ransom operations and identity theft. According to Gemalto’s Breach Level Index, the number of stolen, compromised or lost records increase by 86% in 2016, while the number of breaches decreased by 4%. Hackers are going after more data than ever before, and they are finding it in large databases that are left relatively insecure.

    Whether consciously or not, hackers have grasped the idea of situational awareness. They have figured out how to exploit these golden opportunities by keeping a pulse on what is going on. It seems too simple to be true, but it goes back to the age-old principle of information is power. Getting the information comes from being aware of one’s surroundings. To become situationally aware, companies need to change their mindset- building a walled garden isn’t an option anymore. During the webinar, we will look at the major data breach trends and findings from 2016 and discuss how this information can help develop your situational awareness. Join us as we cover topics like:

    -What we can learn from Jason Bourne about knowing one’s surroundings
    -What we can learn from hackers to better protect valuable data
    -What we as security professionals can do by going back to the basics of accountability, integrity, auditability, availability and confidentiality
    -How to change our mindset in a new era of a hacker driven gold rush
  • IoT Security over Tea: Brewing in the Business Recorded: Jun 20 2017 61 mins
    Gorav Arora, CTO Office's Director of Strategy
    For businesses and consumers the Internet of Things (IoT) is about the value of data, whether it’s for better decision making, for navigation to future goals or immediate maneuvering. The value of the data will vary based on numerous factors like its perceived value, intrinsic value, monetary value, etc. and may change over time. Being able to identify the value of data will help businesses better understand the associated risks and thereby the necessary security.

    According to Gartner, worldwide spending on IoT security will reach $348 million in 2016, a 23.7% increase from 2015 spending of $281.5 million. Companies need to understand and evaluate the business impact of data to determine its value and consequently the appropriate security. Following our introductory webinar “Steeping out the Hype,” the next in our series on IoT security will focus on the building an IoT security blueprint based on the estimated value of the data. The calculation will not always be linked to a monetary value but also the data’s impact if breached on brand recognition and stock price or data used to make strategic decisions, competitive information and/or intellectual property.

    Join us for a webinar to learn more about evaluating the value of your data and building an IoT security strategy to match the eight point business journey. Attendees will have a better understanding of the:
    -Eight point business journey and its connection to securing the data
    -Factors impacting the value of the data, the IoT personas outlook on each type of data and using them to calculate estimates and risk assessment to understand the cost of a breach
    -Messages to educate management and business leaders on the investment needed to support a secure IoT
    -A blueprint for building an IoT security strategy
  • Quantum Threat Conundrum: How to Create a Quantum-Safe Security Strategy Today Recorded: Jun 19 2017 61 mins
    Stan Mesceda from Gemalto -Bruno Huttner & Gilles Trachsel from ID Quantique
    With the advent of massively powerful quantum computers, much of today's encryption will be vulnerable. Preparing for the inevitability of quantum should be an integral part of current risk management strategy. Gemalto is teaming up with ID Quantique, a leader in quantum security, to help security professionals understand quantum-safe cryptography and the impact it will have on enterprise security. Find out how you can create a quantum-safe environment for voice, video, virtualization and mass data today, securing these assets from even the most advanced cybercriminals and their super-computers.

    Join Gemalto and ID Quantique for a joint webinar to learn more about:
    •What is quantum computing and how it affects security
    •Quantum cryptography in action
    •Examples of quantum cryptography in the enterprise and government space
    •Quantum-safe solutions at a glance
    •Future developments of quantum cryptography
  • Don’t let Smartphones Kill your PKI Security Strategy Recorded: May 23 2017 51 mins
    Gregory Vigroux, Enterprise Mobility Expert at Gemalto
    Half of businesses admit security is their biggest concern to increasing user mobility. Securing enterprise mobility has been an ongoing and arduous topic for IT security professionals. Maintaining high-assurance security, while offering access to company resources to an on-the-go workforce has become a balancing act. So much so, a third of businesses actually prevent employee access to company resources via mobile. This is likely not a long term or sustainable solution to the problem.

    So how do you find a compromise that won’t kill your security strategy? There are currently many technologies from derived credentials to mobile PKI. IT professionals are feeling the pressure to find a viable, user friendly, easy-to-deploy and secure options. In this webinar, we will discuss the current solutions in-depth and how they impact your current IT security policies. Attendees will learn more about:
    -Software-based security versus hardware-based security
    -How this impacts your back-end systems
    -Technology such as derived credentials and mobile PKI
    -Implementing a mobile PKI solution
  • Passing the Audit: What you need to know to be CJIS compliant Recorded: May 15 2017 50 mins
    Eric Avigdor, Director of Product Management at Gemalto
    Did you know if your organization receives criminal history information as part of licensing or a background checks, you are required to comply with the FBI CJIS Security Policy (CSP)? State agencies are also authorized to conduct formal audits to make sure compliance is met.
    Compliance is just one benefit. Advanced authentication is also required when remotely accessing the FBI’s CJIS repository. Putting in place this technology helps law enforcement in the field have secure and timely access to important information when they need it.

    Join us for an informative webinar where you will learn the basics to secure your devices, networks and users and become compliant with the FBI mandate.
    Key attendee takeaways:
    •Overview of CJIS mandate and Advanced Authentication
    •Use case – our experience from the field
    •Comprehensive solutions that meet the stringent requirements of the CJIS mandate
    •Mapping solutions to the needs of your department
  • Beyond 2FA: The Smart Way to Manage Cloud Access Recorded: May 9 2017 44 mins
    Mor Ahuvia, Authentication Product Marketing at Gemalto
    Cloud apps are being pulled into the enterprise hand-over-fist, with 93% of organizations using cloud-based IT services. But the efficiencies and convenience offered by cloud apps come at a price. While organizations have long been applying two-factor authentication to their network, VPN and email portals, they have failed to extend that same level of security to cloud-based applications, such as Office 365, AWS and Salesforce.

    But the need for stronger cloud access security is only part of the story. Businesses looking to scale and increase their cloud adoption find there are other issues to contend with. Visibility into cloud access events and regulatory compliance become challenging to maintain. Helpdesk staff are burdened with password resets, and the most important link in the chain—users—are plagued with password fatigue.

    This webinar explains:
    •Challenges to greater cloud adoption in the fintech space
    •How strong authentication complements access management
    •Why cloud access management is critical to an organization’s cloud adoption strategy
  • DIY PKI Recorded: Apr 17 2017 56 mins
    Rae Barton, PKI expert at Gemalto
    Public Key Infrastructure (PKI) is a well-known security protocol used by some of the world’s largest governments and top enterprises, but it’s a technology that also affords many possibilities in new and growing industries. Even small to medium sized businesses can greatly benefit from PKI. However, PKI is also often mistakenly perceived as being difficult to deploy. Gemalto is addressing this common misconception. The next webinar in our PKI series, DIY PKI, will walk attendees through the entire process of setting up a PKI environment and how to manage it. We have developed a five step process to make it easy for security professionals to get their PKI system up and running with minimal time spent. The five step implementation method will give you an idea of how to set up a two tier Microsoft PKI infrastructure with Gemalto SafeNet Authentication Manager and SafeNet Luna HSM to perform smart card log on for small to medium sized enterprises.

    Attendees of the DIY PKI webinar will learn:

    -Challenges of PKI deployment
    -Overall PKI integration ecosystem
    -Common use cases deployed in enterprises: Smart card logon – What happens in the backgrounnd, email encryption/signing

    Step by step implementation steps
    oInstall and configure a Hardware Security Module (HSM)
    oInstall the root CA and configure it with the HSM
    oInstall and configure the issuing CA
    oConfigure the permissions of users and create certificate templates
    oInstall and configure an authentication manager



    For the purpose of this webinar and using Gemalto’s five step propriety approach, we will use our SafeNet line of technologies to demonstrate the implementation of the PKI solution.
  • IoT Security Over Tea: Steeping Out the Hype Recorded: Apr 11 2017 63 mins
    Gorav Arora, CTO Office Director of Technology at Gemalto
    A familiar buzz word over the past few years has been the Internet of Things (IoT). We have all heard the talk about it being the next big thing, its massive growth potential and the benefits to everyone. The IoT will generate more data, connect more devices and enable more users, and somehow these interactions will be safe and secure.

    We take a pragmatic view of IoT, cutting through the hype to uncover the core objective. Furthermore, we take a persona based approach to IoT security, and have identified four main ones: cloud service providers, consumers, device makers and third-party service providers. Each persona faces the obstacle of securing different parts of the ecosystem whether its access, the device, data and/or the user. However, it is necessary that security is provided holistically, as the weakest security link in the chain could compromise it all. In addition to security, the personas are used to demonstrate the ‘Stages of IoT’ from the digital identity of physical products to actualization of new business opportunities. No matter what persona in the IoT ecosystem you are (or are not), the webinar cuts through the hype to understand the real business opportunities and share with attendees the technology tool box (predictive analytics, security, connectivity, data collection and business intelligence) to create and improve services and leverage the generated data internally and externally.

    Join us for the webinar, “IoT Security Over Tea: Steeping out the Hype”, to learn more about:
    •A grounded perspective on IoT
    •Why IoT security matters for everyone
    •The persona analysis of IoT security
    •Key considerations as it begins to take off
    •How to protect what matters most to you
  • Data, the new oil: Find out why and what it means for your organization Recorded: May 5 2016 62 mins
    Moderator: Adrian Davis, (ISC)² EMEA; Speaker: Jason Hart, IDP CTO, Gemalto
    Every day, we create 2.5 quintillion bytes of data — so much that 90% of the data in the world today has been created in the last two years alone.
    More data in more places is leading to an increasing number of data breaches with attackers intent on trying to monetize your sensitive information.
    Jason Hart, IDP CTO at Gemalto will explain why data is the new oil and how easy it is to get hacked with a live hacking demo.
    In this interactive webinar we will also discuss:
    - Why your data is wanted
    - The new data Protection paradigm
    - Live Hacking demo
    - What’s next and what to do now to remain on the safe side

    Join the webinar to find out what you should know about Data Protection, how Cloud, IOT and big data impact your information security solutions and to how to keep your data safe.
Protecting Data, Identities, Transactions & Communications
SafeNet is the only company trusted to protect the world’s most sensitive commercial and government assets. We do this through solutions that persistently protect throughout the information lifecycle and evolve to support changing business and market requirements without disruption.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: GDPR Summary: Why encryption and other measures are now a must?
  • Live at: May 24 2016 11:00 am
  • Presented by: Adrian Davis, MD (ISC)² EMEA; Jason Hart, CTO Gemalto; Tom De Cordier, Lawyer and Partner, CMS DeBacker
  • From:
Your email has been sent.
or close