GDPR: La violazione dei dati nel nuovo Regolamento Europeo sulla Privacy
Fino a poco tempo fa, le leggi europee riguardanti la protezione dei dati erano principalmente focalizzate sul consenso della persona, limitazione delle finalità e trasparenza nei trattamenti, etc. mentre gli aspetti inerenti la sicurezza delle informazioni erano considerati, in linea generale, questioni squisitamente tecniche più che di conformità legale.
Questo quadro ora cambia profondamente con l'entrata in vigore il 25 maggio 2016 del nuovo Regolamento Privacy Europeo (GDPR), e con la prossima direttiva europea sulla sicurezza delle reti e dei sistemi informativi (NIS Directive). Tra le nuove e importanti prescrizioni in tema di sicurezza del GDPR spicca in modo particolare quella della violazione dei dati personali, che richiede alle aziende di tutti i settori di effettuare in tali casi la comunicazione al Garante privacy entro 72 ore e, in particolari condizioni, anche la comunicazione senza indebito ritardo a tutte le persone interessate dalla violazione a meno che i dati non siano stati resi inintellegibili (per esempio per mezzo di crittografia). Inoltre la direttiva NIS, una volta recepita nei Paesi Membri della UE, richiederà tra l'altro agli Operatori dei Servizi Essenziali (Energia, Trasporti, Sanità, etc.) e agli Operatori di Servizi Digitali (e-commerce, motori di ricerca on line, Cloud Computing) di comunicare alle autorità competenti nazionali i casi di incidenti di sicurezza.
L’Unione Europea vuole che la conformità alle nuove normative in materia di protezione dei dati diventi una questione prioritaria e ha così prescritto che queste regole siano soggette a pesanti multe (sono previste sanzioni fino a 20 milioni di euro, e per le imprese fino a 4% del fatturato mondiale, se superiore).
Partecipa al webinar organizzato da Symbolic e Gemalto che si terrà il prossimo 15 giugno alle ore 11:00 per conoscere il quadro normativo applicabile e le misure da predisporre per una corretta gestione dei casi di violazioni dati.
RecordedJun 15 201664 mins
Your place is confirmed, we'll send you email reminders
Garrett Bekker, Senior Security Analyst at 451 Research and Stephane Vinsot, Senior Director, IAM Product Strategy at Gemalto
Up until now, PKI hardware’s limitations meant companies could not adopt cloud and mobility projects without having to completely ‘rip and replace’ their current security framework. As a result, companies have been using smart cards and tokens to allow their employees to authenticate themselves while accessing corporate resources, but this was limited to activity within the enterprise perimeter. In addition, companies that use PKI credentials for email encryption and digital signing have also been limited to on-premises environments.
In this webinar, you will learn about how organizations can deploy SafeNet Trusted Access and benefit from single sign on (SSO) and high assurance PKI-based authentication, making it easier and more secure to access cloud and web-based apps and resources from wherever and on any device. Using the solution, employees will no longer have to re-authenticate each time they access a resource with their smart card, enabling more efficiency across the company – while allowing enterprises to maintain high assurance security when needed.
In this webinar you will also learn how to build on current PKI investments, and embrace digital transformation without compromising on security, including:
•Enabling cloud transformation: Organizations can extend PKI credentials to access policies, allowing CISOs to maintain security in the cloud by triggering the use of step up PKI-based authentication to cloud and web-based apps when needed
•Facilitating mobility: Employees can access enterprise applications within virtual environments with their PKI credentials. This means that employees and consultants will be able to access corporate apps via a VDI, from any device and carry out certificate-based transactions, even if they can’t use their smart cards
Gary Marsden, Senior Director of Data Protection Services at Gemalto
While the technological and commercial advances of the cloud have created significant opportunities for enterprises, service providers and IT vendors alike, this cloud-driven transformation has also undone conventional approaches to data security and created compliance challenges when it comes to data control and ownership.
These changes have unwittingly drawn us into a realm of increasing threat vectors, poor security practices and bad actors. From reducing cost of ownership to empowering IT decision making across the value chain, it is safe to say that the cloud means that life will never be the same for anyone.
During this webinar we will:
- Look at the challenges facing today's IT and security teams;
- See how this wave of disruption can be overcome using ever advancing automation, processing and intelligence technologies that can be used to build and deliver security an increasingly diverse IT landscape; and
- Look at how security will need to evolve in the wake of digital transformation.
Ferry de Koning, Director Business Development, Gemalto and Gary Marsden, Senior Director, Encryption Products
Fintech startup companies are disrupting the financial services industry, raising more than $120 billion over the last three years. Although these new entrants are changing how money and markets operate, they must still do business within the realities of regulations like GDPR and Australia's Notifiable Data Breaches scheme that the rest of the financial industry must operate. This means that data security and trust are just as important to Fintech companies as it is to traditional banks.
Fintech companies are unique because of their agility, lean operations and that most are built using the cloud and digital technologies that banks are just now adopting. While this makes Fintech companies more nimble and they can enter new markets faster, it also presents more complexities for how Fintech companies need to manage security and meet compliance mandates.
In this webinar you will learn about:
•Fintech compliance and regulation from a data protection perspective.
•How to build a secure the breach strategy using a case study from the physical world
•Understand key elements for building cloud-based data security strategy that fits the needs of Fintech companies
Stan Mesceda, Senior Product Manager at Gemalto and Julian Fay, CTO at Senetas
Today enterprises and service providers are increasingly using network functions virtualization (NFV) and software-defined networking (SDN) technologies to design, deploy and manage their networks and cloud-based services. These software-based technologies give organizations cost and operational benefits because they move network functions from dedicated hardware appliances to virtual servers. These same technologies can be now be applied to how encryption is deployed and managed to protect sensitive data and communications the flow across SD-WANs.
In this webinar you will learn about:
•What is the best network fit for virtualized encryption
•How to implement a virtual network encryption appliance in software-defined network
•What are the cost, operational and performance benefits of virtual encryption
•What it means to be transport layer independent and how you can protect network traffic simultaneously across Layers 2, 3 and 4
Gemalto SafeNet Trusted Access: non solo strong authentication , ma un'unica piattaforma intuitiva per la gestione degli accessi
Con un numero crescente di applicazioni cloud in uso e sempre più utenti che lavorano da remoto, la necessità di un'autenticazione forte e gestione degli accessi è in aumento. I responsabili IT sono ora in una fase cruciale dove devono trovare l'approccio migliore per proteggere i propri accessi al cloud e non solo. Le tendenze mostrano che il mercato italiano si sta approcciando alle applicazioni basate nel cloud e l'adozione inizierà presto, per cui è bene farsi trovare preparati al momento giusto.
Questo webinar ha l'obiettivo di comprendere meglio la gestione degli accessi e di introdurre la nostra nuova soluzione SafeNet Trusted Access in risposta a questa nuova sfida. Il nostro Sales Engineer Simone Mola introdurrà questo nuovo servizio che combina la strong authentication, il single sign-on e la capacità di gestire centralmente l'accesso a numerose applicazioni cloud con policy di accesso granulari. Inoltre, al fine di fornire un'idea efficace di questa soluzione, Simone Mola si concentrerà sulla presentazione di alcuni casi d’uso e terminerà il webinar con una demo live.
La necessità per le aziende di avere una soluzione che vada oltre la strong authentication e al momento stesso facilmente utilizzabile, ha dato a Gemalto la fantastica idea di creare una piattaforma unica e semplice per gestire tutti gli accessi in un SOLO strumento. Presentando tutte le caratteristiche e le funzioni della soluzione, ti consentiremo di avere una visione completa di come gestire tutte le tue identità con l'approccio più semplice e intuitivo.
Durante il webinar i partecipanti avranno l’occasione di approfondire argomenti quali:
• Sfide IAM in un ambiente IT in evoluzione e in un mondo cloud
• Funzionalità di SafeNet Trusted Access e il valore aggiunto della nostra soluzione cloud
• Come migrare senza problemi dalla soluzione SAS alla soluzione STA
Gary Marsden, Senior Director of Data Protection Solutions at Gemalto and William Fellows, Research VP 451 Research
Digital transformation is a critical part of an enterprise business strategy. However, for many organizations, having more digital assets introduces major headaches due to the complexity of technologies, the lack of available and affordable skills and the ever-changing security threat landscape. The ability to use cloud based solutions to service digital strategies is helping reduce costs but is also increasing risks, isolating data and reducing controls.
Many MSPs have recognized this as an opportunity and are building business plans and service strategies to help their customers. Being the one-stop shop for applications, cloud services and related security aspects is a path that is actively being trodden by MSP’s, MSSP’s and traditional resellers alike. According to 451 Research, it is about a “sell with” approach by addressing business requirements with security “built-in”. In this joint webinar, our guest William Fellows, 451 Research analyst will provide new research results this related data points and discuss how the cloud is creating opportunities as well as challenges. The interactive Q&A style webinar will cover:
• A current view of the cloud’s impact on digital transformation
• Opportunities for MSPs to expand service portfolios and generate new revenue streams
• What a true “sell with” partnership looks like
• Technology enabling this new sales and marketing strategy for MSPs
William Fellows is a co-founder of The 451 Group. As VP of Research, he is responsible for the Cloud Transformation Channel at 451 Research.
Gary Marsden: Senior Director of Partnerships at Gemalto
2018 has started off as an eventful year with data breaches at Saks Fifth Avenue, Lord & Taylor and Under Armour’s MyFitnessPal app. And it will continue to be a catalyst year for data security with the 25th of May deadline for the European Unions’ General Data Protection Regulation, which regards “privacy as a fundamental human right and to protect it as such.” Data exposed or breached is not only a headache for security teams, but also impacts brand reputation, customer confidence and stock prices.
Gemalto’s 2017 Breach Level Index found 2.6 billion records where compromised in 2017, a 88% increase from 2016. In this webinar our expert, Jason Hart, will walk attendees through the most shocking 2017 stats, new data breach tactics and how companies can manage risk by mapping out where your data resides. Join us to learn more about:
-Internal threats and misconfigured cloud databases
-Growing security threats like data integrity attacks
-Innovative technology that is solving some of these issues
-What we have in store for 2018
John Ray, Product Management and Danna Bethlehem, Product Marketing Gemalto and Josh Chambers, Product Management at F5
Securing and monitoring your network and cloud environments has changed over the past few years and compliance and government regulations will add to it. Network traffic monitoring tools have been presented as a solution to meeting compliance and performance on a network. But monitoring alone is not enough. In terms of security, companies need to holistically secure their network, cloud and data, no matter where their users are accessing from.
This joint webinar between F5 and Gemalto will help attendees prepare for the next-generation of secure network access as more data resides in more places with more people accessing it. It will also walk them through the integration between F5 and Gemalto and what options this partnership offers.
In this webinar, you will earn how to:
•Reduce the risk of breaches by ensuring that only authorized users are accessing network, using the F5 environment as an example
•Protect & encrypt your customer data
•Manage secure cloud access
•Comply with regulations
Paul Lockley, VP of Partnerships at Device Authority and Gorav Arora, CTO Office Director of Products
One of the biggest obstacles to IoT adoption is security. Our recent survey found 65% of consumers are concerned about hackers controlling IoT devices and 60% worry about their data being stolen. Recent widespread attacks using IoT device vulnerabilities has also highlighted how interconnected the system is and one weak link creates a ripple effect Securing the identities of both humans and machines, access to the devices and protecting the integrity of the data and device opens the door to more opportunities. For example, the ability to manage blockchain identities and data security policies across any IoT deployment.
In our joint webinar with Device Authority, our experts will outline how security by design methodology helps future proof IoT deployments. They will have an open conversation and a question and answer session on topics that customers are dealing with, related news topics, compliance and government regulations, business opportunities and technologies that are changing the game. Join us to hear more about how using the security by design approach can help:
•Identify and manage risks and challenges in the short and long term
•Prepare for legislation and compliance
•Create new opportunities for a secure blockchain-based IoT
•Leverage new technology like machine learning and analytics
The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.
In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:
-Analyzing personas within your organizations security team to improve IAM solution implementations
-Things to consider when building your access management strategy
-Building risk-based access management policies across multiple applications or cloud environments
With a growing number of cloud apps in use, more employees working remotely increasing the need for stronger authentication. This is driving IT decision makers to find ways to ‘consumerize’ the login process. To get a better understanding of access management challenges and views on the industry Gemalto surveyed 1,000 IT decision makers to compile the 2018 Identity and Access Management Index. During this webinar, we will share some of the fascinating key findings that will shape cybersecurity and the way enterprise IT professionals evaluate and implement access management technology. Join us to learn more about:
•2018 key findings and trends
•How consumerization of IAM can be achieve in the enterprise security space
•How organizations can maintain security while lowering barriers to authentication
•Evolution of IAM Trends: A look at the historical numbers compared to the new findings
Larry Ponemon, Chairman and Founder of the Ponemon Institute and Jason Hart, CTO office for data protection
95% of companies have adopted cloud services but the 2018 Global Cloud Data Security Survey found there is a wide gap in the level of security precautions applied by companies in different markets. Organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. This is disturbing since only a quarter (25%) of IT and IT security practitioners revealed they are very confident they know all the cloud services their business is using,
The reality is cloud creates challenges in knowing where your data resides and what or who has access to it. In 2018, breaches like Uber and Accenture occurred because of improperly configured security for web and cloud applications that were connected to a company’s network. A major catalyst to address this is upcoming regulations and compliance, which are trying to catch up with cloud adoption. Over the next few years, companies will be faced with more complicated and intricate auditing to demonstrate security and privacy best efforts in the cloud.
During this webinar, Larry Ponemon, Chairman and Founder of the Ponemon Institute, and Jason Hart, CTO of Data Protection, will walk attendees through the research methodology, key findings and how things have changed over the past couple of years. Join us to learn more about:
-2018 Global Cloud Data Security Findings
-Compliance and cloud security: How will this work?
-A shift in the budget: Where is IT spending their money?
-Country breakdown of IT cloud security: Who is doing the best?
-What can you do to secure the cloud and comply with regulations?
Mor Ahuvia, Authentication Product Marketing at Gemalto
Organizations with Microsoft environments, such as Azure or Office 365, are inclined to implement Microsoft’s native access management solutions (namely, Azure AD and AD FS). Defaulting to Microsoft’s cloud SSO solutions may appear to be the best choice, a closer examination of these solutions reveals critical downsides, as well.
Join this webinar to learn the five things to consider before implementing Microsoft’s access management solutions. You will also see a demo of how you can centrally define access management policies (including cloud SSO and step-up authentication) for Microsoft and 3rd party apps with a vendor agnostic-solution.
Eric Avigdor, DIrector of Product Management at Gemalto
Two critical European regulations are rolling out in 2017 and 2018. The General Data Protection Regulation (GDPR) is designed to strengthen the safeguards around personal data and create a more uniform standard within the European Union (EU), while eIDAS is the European Regulation aimed at creating a framework for cross-border electronic identification and transactions across EU member countries.
Paperless vs. Privacy is a real issue facing business in the EU, and around the world. Both eIDAS and GDPR have global ramifications and affect a broad group of industries. Complying with both of these regulations can be a real hardship for some small to mid-size companies.
Please join us for our BrighTalk webinar where our resident Public Key Infrastructure expert, Eric Avigdor, will help you tread the waters of eIDAS vs. GDPR. Which one is most important for your business? What are the consequences of non-compliance? We will also discuss how to comply with multi-factor authentication, physical access, and encryption requirements.
Jean-Pierre Mistral, Director of Global Data Privacy and Alex Hanway, Encryption Product Marketing
Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.
This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.
Join us to hear more about:
•What is GDPR?
•Case Study: A look at how Gemalto has prepared for GDPR
•The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
Join experts from Commvault, Fujitsu and Gemalto in this panel-style webinar to learn more about GDPR.
With the fast approaching May 25th deadline, the General Data Protection Regulation (GDPR) is on the mind of every IT department, as it will have a significant impact across all areas of every organisation.
To help you get prepared, we’ve got some industry experts from leading organisations with GDPR practices, for an online panel discussion on the practical steps IT departments will have to take to get their organisation ready. The panel includes Fujitsu’s GDPR lead for Ireland, a qualified DPO and security expert from Gemalto, plus a GDPR data management expert from Commvault.
•Practical IT challenges related to GDPR from security and data management perspectives
•Recommended steps to prepare for and meet GDPR requirements within the IT department
•Key tips, and things to watch out for
•How to get started and identify the gaps to be addressed
This session will include a live Q&A (via chat) with the presenters.
Danna Bethlehem, Director Product Marketing, Gemalto
The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
This webinar will discuss and provide helpful information on the upcoming mandate including:
•Overview of PCI DSS 3.2
•What is new in PCI DSS 3.2 and what that means for your business
•Comprehensive solutions that will help you ensure compliance
•Mapping solutions to the needs of your department
Please visit our BrightTalk channel to register for the webinar.
Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto
The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.
In this joint webinar with 451 Research, we will cover topics including:
-Building a multi-cloud security strategy for encryption and key management
-Best practices, benefits and pitfalls of managing your own security
-Impact of regulations on data protection in the next few years
-Understanding the different CSP requirements for key management:
oCustomer-Supplied Encryption Key (CSEK)
oBring Your Own Key (BYOK)
oHold Your own Key (HYOK)
oGeneral cloud service provider key management services overview
Eric Avigdor, Director of Product Management at Gemalto
With the deadline for DFARS (Defense Federal Acquisition Regulation Supplement) quickly approaching, many business are scrambling to meeting compliance requirements. An important part of DFARS addresses the need for strong, two-factor authentication, as well as physical access controls to organizational information systems, equipment, and the respective operating environments to authorized individuals.
Are you prepared? If you’re like many other government contractors and subcontractors, a little advice may be needed to navigate the waters of physical and user access controls.
Gemalto’s Identity and Protection expert, Eric Avigdor, will be present and informative look at DFARS and what options are available to ensure compliance. What Eric will discuss:
•Overview of DFARS mandate
•Use cases – our experience from the field
•Comprehensive solutions that meet the multi-factor authentication and physical access controls required by the DFARS mandate
•Mapping solutions to the needs of your department
As the global leader in digital security, Gemalto brings trust to an increasingly connected world. From secure software to biometrics and encryption, our technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.
Gemalto’s solutions are at the heart of modern life, from digital payments and transactions to enterprise security and the Internet of things. We authenticate people, transactions and objects, encrypt data and create value for software – enabling our clients to deliver secure digital services for billions of individuals and things.
GDPR: La violazione dei dati nel nuovo Regolamento Europeo sulla PrivacyGloria Marcoccio, Senior Advisor IT and International Privacy & Security Compliance, Simone Mola Sr Sales Engineer at Gemalto[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]63 mins