Hi [[ session.user.profile.firstName ]]

GDPR Summary: Why encryption and other measures are now a must?

Until recently, EU data protection laws mainly focused on data subject consent, proportionality, purpose limitation, transparency, etc. Information security, however, was very often deemed to be an area for the techies, not an area of legal compliance.
This will change as a result of two recent and major pieces of EU legislation: the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (NIS Directive).
Under the GDPR and the NIS Directive, businesses and operators of essential services (eg. hospitals; airports; etc.) will have to implement robust information and system security measures. In addition, the new rules contain a new name-and-shame mechanism: businesses and operators will have to inform the relevant authorities of security incidents. And they will have to inform the affected data subjects, unless the affected data were rendered unintelligible (for example by means of encryption).
Finally, the EU wants the new data protection rules to become a board-level issue and it has therefore decided to make the rules subject to hefty fines:
•If a business fails to comply with its data security obligations under the GDPR, it may get a fine of up to 10,000,000 EUR or 2 % of its total worldwide annual turnover, whichever is higher.
•Worse even, if a business is found to be in breach of certain other obligations under the GDPR, the fine may go up to a dazzling 4 % of its total worldwide annual turnover.
During this webinar, you will learn from Jason Hart, CTO at Gemalto and Tom De Cordier, an expert in data protection and information security law at CMS in Brussels, what the new rules mean in practice and what businesses should do to bring themselves in line with the upcoming requirements.
Recorded May 24 2016 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Adrian Davis, MD (ISC)² EMEA; Jason Hart, CTO Gemalto; Tom De Cordier, Lawyer and Partner, CMS DeBacker
Presentation preview: GDPR Summary:  Why encryption and other measures are now a must?
  • Channel
  • Channel profile
  • The future of smart connected (or IoT) devices, but what about security? Recorded: Apr 11 2018 61 mins
    Paul Lockley, VP of Partnerships at Device Authority and Gorav Arora, CTO Office Director of Products
    One of the biggest obstacles to IoT adoption is security. Our recent survey found 65% of consumers are concerned about hackers controlling IoT devices and 60% worry about their data being stolen. Recent widespread attacks using IoT device vulnerabilities has also highlighted how interconnected the system is and one weak link creates a ripple effect Securing the identities of both humans and machines, access to the devices and protecting the integrity of the data and device opens the door to more opportunities. For example, the ability to manage blockchain identities and data security policies across any IoT deployment.

    In our joint webinar with Device Authority, our experts will outline how security by design methodology helps future proof IoT deployments. They will have an open conversation and a question and answer session on topics that customers are dealing with, related news topics, compliance and government regulations, business opportunities and technologies that are changing the game. Join us to hear more about how using the security by design approach can help:

    •Identify and manage risks and challenges in the short and long term
    •Prepare for legislation and compliance
    •Create new opportunities for a secure blockchain-based IoT
    •Leverage new technology like machine learning and analytics
  • Developing and implementing risk-based access policies to match IAM strategies Recorded: Mar 28 2018 55 mins
    Amanda Rogerson, Product Expert at Gemalto
    The security challenges of companies large and small is changing. This is especially pronounced in the access management space as IT admins and CISOs are faced with more identities and devices across a growing number of cloud applications. In our recent survey, we found 72% of respondents found cloud access management tools as a solution to reducing the threat of large scale data breaches, while 62% highlighted the tools ability to help simplify the login process for their enterprise users.

    In an organization, individuals dealing with security have different goals and objectives. Aligning them can be a challenge. We will look at the priorities of the user, IT teams and CISOs – where they are linked and where they diverge. To build effective risk-based access policies, you need to start with a living IAM strategy that takes into account geolocation, threats, unusual behavior and scenario based data. Using policy-based access management, internally and externally for example in the cloud, is helping enables aligning the different security teams in an organization and automate and simplify the log-in process for users as well. During the webinar attendees will walk away with an understanding of:

    -Analyzing personas within your organizations security team to improve IAM solution implementations
    -Things to consider when building your access management strategy
    -Building risk-based access management policies across multiple applications or cloud environments
  • Trends in IAM: The Consumerization of Enterprise Security Recorded: Mar 7 2018 34 mins
    Danna Bethlehem, Director of Product Marketing
    With a growing number of cloud apps in use, more employees working remotely increasing the need for stronger authentication. This is driving IT decision makers to find ways to ‘consumerize’ the login process. To get a better understanding of access management challenges and views on the industry Gemalto surveyed 1,000 IT decision makers to compile the 2018 Identity and Access Management Index. During this webinar, we will share some of the fascinating key findings that will shape cybersecurity and the way enterprise IT professionals evaluate and implement access management technology. Join us to learn more about:

    •2018 key findings and trends
    •How consumerization of IAM can be achieve in the enterprise security space
    •How organizations can maintain security while lowering barriers to authentication
    •Evolution of IAM Trends: A look at the historical numbers compared to the new findings
  • Ponemon Research 2017 Trends in Cloud Security: Cloud & Compliance Compatible? Recorded: Feb 27 2018 60 mins
    Larry Ponemon, Chairman and Founder of the Ponemon Institute and Jason Hart, CTO office for data protection
    95% of companies have adopted cloud services but the 2018 Global Cloud Data Security Survey found there is a wide gap in the level of security precautions applied by companies in different markets. Organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. This is disturbing since only a quarter (25%) of IT and IT security practitioners revealed they are very confident they know all the cloud services their business is using,

    The reality is cloud creates challenges in knowing where your data resides and what or who has access to it. In 2018, breaches like Uber and Accenture occurred because of improperly configured security for web and cloud applications that were connected to a company’s network. A major catalyst to address this is upcoming regulations and compliance, which are trying to catch up with cloud adoption. Over the next few years, companies will be faced with more complicated and intricate auditing to demonstrate security and privacy best efforts in the cloud.

    During this webinar, Larry Ponemon, Chairman and Founder of the Ponemon Institute, and Jason Hart, CTO of Data Protection, will walk attendees through the research methodology, key findings and how things have changed over the past couple of years. Join us to learn more about:
    -2018 Global Cloud Data Security Findings
    -Compliance and cloud security: How will this work?
    -A shift in the budget: Where is IT spending their money?
    -Country breakdown of IT cloud security: Who is doing the best?
    -What can you do to secure the cloud and comply with regulations?
  • Before you choose Microsoft – 5 Things to Check in an Access Management solution Recorded: Feb 26 2018 59 mins
    Mor Ahuvia, Authentication Product Marketing at Gemalto
    Organizations with Microsoft environments, such as Azure or Office 365, are inclined to implement Microsoft’s native access management solutions (namely, Azure AD and AD FS). Defaulting to Microsoft’s cloud SSO solutions may appear to be the best choice, a closer examination of these solutions reveals critical downsides, as well.

    Join this webinar to learn the five things to consider before implementing Microsoft’s access management solutions. You will also see a demo of how you can centrally define access management policies (including cloud SSO and step-up authentication) for Microsoft and 3rd party apps with a vendor agnostic-solution.
  • How to Prepare for GDPR: A Gemalto Case Study Recorded: Dec 18 2017 60 mins
    Jean-Pierre Mistral, Director of Global Data Privacy and Alex Hanway, Encryption Product Marketing
    Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.

    This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.

    Join us to hear more about:
    •What is GDPR?
    •Case Study: A look at how Gemalto has prepared for GDPR
    •The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
  • How Cryptocurrencies are Changing the Face of Financial Services Recorded: Dec 15 2017 61 mins
    Eric Larchevêque, CEO at Ledger and Joe Pindar, CTO Office Director of Strategy
    Joint webinar with Ledger and Gemalto discussing how cyrptocurrencies have the potential to revolutionize the financial industry and what needs to be done to secure the digital assets.
  • SafeNet Authentication Service Live Product Demo Recorded: Nov 24 2017 26 mins
    Ms. Mukta Gupta - Technical Consultant Engineer, Identity & Data Protection, India & SAARC, Gemalto
    SafeNet Authentication Service (SAS) delivers fully-automated, highly secure strong authentication-as-a service. A new product demo webinar is now available.

    Register now for our 30 minute demo and see how easy and simple it is to:
    - Set up a strong authentication account on SAS
    - Add users to an account
    - Assign tokens to users
    - Generate reports

    Please email us at InfoAPAC@gemalto.com if you have any questions or problems registering.
  • Are you Ready for Australia's Privacy Act? A Gemalto Case Study Recorded: Nov 22 2017 61 mins
    Jean -Pierre Mistral, Legal Counsel for Data Privacy and Graeme Pyper, Regional Director of Enterprise and Cybersecurity
    Join us for part two of our webinar series focused on helping companies prepare for the upcoming Australian Privacy Act and global government regulations, like European General Data Protection Regulation (GDPR).
    Data sovereignty, especially for cloud first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.

    This follow up webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our legal counsel for global data privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Graeme Pyper, Regional Director for New Zealand and Australia, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.

    Join us to hear more about:
    •The Mandatory Data Breaches scheme
    •Case Study: A look at how Gemalto is preparing for Australia’s NDB & GDPR
    •The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
  • What is New with PCI-DSS Compliance in 2018? Recorded: Nov 7 2017 46 mins
    Danna Bethlehem, Director Product Marketing, Gemalto
    The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
    This webinar will discuss and provide helpful information on the upcoming mandate including:
    •Overview of PCI DSS 3.2
    •What is new in PCI DSS 3.2 and what that means for your business
    •Comprehensive solutions that will help you ensure compliance
    •Mapping solutions to the needs of your department
    Please visit our BrightTalk channel to register for the webinar.
  • 451 Research & Gemalto Present "Alphabet Soup: Deciphering Multi-Cloud Security Recorded: Oct 19 2017 57 mins
    Eric Hanselman, Chief Analyst at 451 Research and Michael Gardiner, Security Lead for CTO office, Gemalto
    The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.

    In this joint webinar with 451 Research, we will cover topics including:

    -Building a multi-cloud security strategy for encryption and key management
    -Best practices, benefits and pitfalls of managing your own security
    -Impact of regulations on data protection in the next few years
    -Understanding the different CSP requirements for key management:
    oCustomer-Supplied Encryption Key (CSEK)
    oBring Your Own Key (BYOK)
    oHold Your own Key (HYOK)
    oGeneral cloud service provider key management services overview
  • Are you Ready for DFARS? Recorded: Sep 27 2017 60 mins
    Eric Avigdor, Director of Product Management at Gemalto
    With the deadline for DFARS (Defense Federal Acquisition Regulation Supplement) quickly approaching, many business are scrambling to meeting compliance requirements. An important part of DFARS addresses the need for strong, two-factor authentication, as well as physical access controls to organizational information systems, equipment, and the respective operating environments to authorized individuals.
    Are you prepared? If you’re like many other government contractors and subcontractors, a little advice may be needed to navigate the waters of physical and user access controls.
    Gemalto’s Identity and Protection expert, Eric Avigdor, will be present and informative look at DFARS and what options are available to ensure compliance. What Eric will discuss:
    •Overview of DFARS mandate
    •Use cases – our experience from the field
    •Comprehensive solutions that meet the multi-factor authentication and physical access controls required by the DFARS mandate
    •Mapping solutions to the needs of your department
  • The Blockchain Bubble: Identifying viable opportunities for blockchain Recorded: Sep 26 2017 61 mins
    Joe Pindar, CTO Office Director of Strategy
    Blockchain technology is popping up everywhere from the currency market to smart contracts. The growth in the technology is evident from the investments being made, for example, PwC estimated that in the last nine last nine months of 2016, $1.4 billion had been invested globally in blockchain startups. This stems from its potential to enable efficiencies and cost-saving opportunities based on moving to a decentralized approach and away from the current centralized systems. With all the hype around blockchain, companies need to cut through the hype and ask the question - when does blockchain actually make business sense?

    Blockchain is not a silver bullet and cannot solve every problem. There is also the added complexity of managing the security of many distributed nodes can only be justified by gaining business benefits from using blockchain. In this webinar, we will look at a business qualifying approach to blockchain to help you evaluate valid blockchain use cases and identify the security needs surrounding blockchain operations. Join us to learn more on:
    •Securing blockchain from the edge to the core
    •The operational benefits and pitfalls of blockchain technology
    •Our 4 step qualification process for blockchain business opportunities:
    1.Is there an established business process?
    2.Are there more 3 parties involved – i.e. is it a distributed problem?
    3.Is it important that the data being exchanged is trusted and considered to be factually accurate?
    4.Would automation improve the performance of the process?
  • What is an Identity Provider (IdP) and Do You Need One? Recorded: Aug 23 2017 47 mins
    Stephen Allen, Authentication Expert at Gemalto
    The explosion of cloud-based applications in the enterprise is making IT and security professionals rethink their cloud identity management strategy. By default, every cloud user creates an average of 17 cloud identities. But catering to 17 different user stores per employee or partner is simply not scalable from an administration perspective. And as if IT’s time is not precious enough, password resets account for 20% of helpdesk tickets. This adds to the compliance and security risks associated with cloud-based applications, which by default require only weak static passwords and offer no central point of management across disparate cloud-based services.

    Join Stephen Allen, Gemalto Product Manager for Authentication and Access Management, and learn how deploying an Identity Provider enables:

    •Cloud Single Sign-On for easy access to cloud apps
    •Regulatory compliance with standards such as PCI DSS
    •Reduced identity lifecycle overheads
    •Centralized management of cloud access policies
    •Increased security with step-up authentication
  • Securing India's Aadhaar Numbers as per UIDAI's Mandates Recorded: Aug 11 2017 60 mins
    Nanda Mohan Shenoy, CAIIB, CISA - Bestfit Business Solutions and Prasun Srivastava - Solution Expert, IDP, Enterprise & Cyber
    The India's Unique Identification numbers (UIDs), also named "Aadhaar numbers" contain Personally Identifiable Information (PII), the Unique Identification Authority of India (UIDAI) has mandated that the private cryptographic keys used to digitally sign and authenticate the UIDs must be stored in a Hardware Security Module (HSM).

    In addition to HSMs, the UIDAI has also mandated the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted as of August 2017.

    Join this live webinar to know more about how to easily conform to the mandate:
    •What is UIDAI's requirements?
    •Why HSM and tokenization?
    •How to ensure Aadhaar numbers are protected?
    •What makes Gemalto's SafeNet Luna HSM and KeySecure unique?
    •How to meet UIDAI's compliance mandates?
  • Part 1: 6 steps to GDPR compliance Recorded: Aug 1 2017 61 mins
    Adrian Davis, Managing Director, (ISC)² EMEA, Jan Smets, Certified Data Protection Officer, Gemalto
    The introduction of GDPR is set to bring data protection to the top of businesses’ priority lists. So how can businesses ensure they are compliant and what steps do they need to take?
    In this webinar, certified DPO Jan Smets with provide a six-step overview to help achieve compliance:

    1) Understand the GDPR legal framework
    2) Create a Data Register
    3) Classify your data
    4) Start with your top priority
    5) Assess and document additional risks and processes
    6) Revise and repeat
  • Law Enforcement Data On the Move: Don’t make CJI a Crime Recorded: Jul 20 2017 57 mins
    Stan Mesceda, Encryption Expert at Gemalto
    Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
    Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
    “When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”

    Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
    Attendee takeaways:
    •Overview of CJIS-SP mandate
    Network vulnerabilities and how Ethernet encryption can help secure data in motion
    •Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
    •Mapping solutions to the needs of your organization

    For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091
  • Turning the Table on Hackers and Breaches Recorded: Jul 11 2017 45 mins
    Jason Hart, CTO of Data Protection at Gemalto
    Data breaches in 2016 got even more personal with big hacks of adult entertainment sites and social media databases. Hackers mined these for gold, in other words, valuable data to create social engineering attacks, ransom operations and identity theft. According to Gemalto’s Breach Level Index, the number of stolen, compromised or lost records increase by 86% in 2016, while the number of breaches decreased by 4%. Hackers are going after more data than ever before, and they are finding it in large databases that are left relatively insecure.

    Whether consciously or not, hackers have grasped the idea of situational awareness. They have figured out how to exploit these golden opportunities by keeping a pulse on what is going on. It seems too simple to be true, but it goes back to the age-old principle of information is power. Getting the information comes from being aware of one’s surroundings. To become situationally aware, companies need to change their mindset- building a walled garden isn’t an option anymore. During the webinar, we will look at the major data breach trends and findings from 2016 and discuss how this information can help develop your situational awareness. Join us as we cover topics like:

    -What we can learn from Jason Bourne about knowing one’s surroundings
    -What we can learn from hackers to better protect valuable data
    -What we as security professionals can do by going back to the basics of accountability, integrity, auditability, availability and confidentiality
    -How to change our mindset in a new era of a hacker driven gold rush
  • Getting Ready for Australia’s Privacy Act Amendment (Notifiable Data Breaches) Recorded: Jun 29 2017 58 mins
    Helaine Leggat, an legal expert in data protection regulations and Graeme Pyper, Regional Director at Gemalto
    The Gemalto’s Breach Level Index reported 1.4 billion data records compromised worldwide in 2016, up 86% from 2015. Closer to home, there were 44 & 16 voluntarily reported breaches in Australia and New Zealand respectively. With the new Privacy Amendment (Notifiable Data Breaches) Act 2017 in Australia, these numbers are expected to increase dramatically as organisations are required to declare any “eligible data breaches”.

    Navigating these regulations such as the Australian Privacy Act and European General Data Protection Regulation (GDPR) and the impact they will have can be daunting. Organisations must start planning ahead to mitigate the potential risks of being non-compliant. The implications of a data breach can go beyond compliance. In 2014, the Target breach had a massive impact on the company’s brand reputation, while last year’s announcement of the Yahoo! data breach cost the company nearly $1.7 billion in stock market value.

    During this webinar, Helaine Leggat, an legal expert in data protection regulations will discuss the Australian Privacy Act Amendment in detail, what it means for businesses in Australia and internationally. Graeme Pyper, Regional Director at Gemalto will provide recommendations to help prepare for the 2018 deadline. We will share industry best practices and methodologies companies can evaluate to simplify a government audit process. Join our experts to ask questions and learn more about:

    •The local and global government data privacy regulations (Australia and Europe)
    •Gauging the true cost of a data breach and how to reduce the scope of risk
    •Understanding privacy by design throughout business
    •Strategies for simplifying operations for regulation and internal audits
    •Determining current industry compliance, which may be applicable to the APA and GDPR
  • Getting Rid of Risky Business: How contextual info is securing cloud app access Recorded: Jun 28 2017 56 mins
    Ella Segura, Identity and Access Management Expert at Gemalto
    Organizations are working across more cloud environments from CSPs to on premise. Just this year, enterprises are expected to utilize an average of 17 cloud applications to support IT, operations and business strategies. The cloud’s benefits are well-known, but for security teams managing multi-cloud ecosystems has its challenges, especially when it comes to access management.

    Behavioral and contextual analytics are helping companies mitigate risk and better secure access to cloud applications and data. Using data-driven insights to develop internal security policies takes a more preventative identity and access management strategy.

    During this webinar, we will discuss what security professionals need to assess and understand when moving towards or updating a risk-based authentication model for IAM. The presentation will outline access management policies can be identified, templated, updated and monitored to improve security around data in the cloud.

    Join us for a deep dive into:
    -Current implications of multi-cloud environments on IAM
    -Proactively using analytics to define access policies
    -Avoiding security fatigue through scenario-based authentication
    -Preparing for audits using policy implementations
    -A live demonstration of how this all fits together in a multi-cloud environment
SafeNet APAC Data Security Solutions Webinars
SafeNet APAC Data Security Solutions webinars designed for enterprise and users, distributors and resellers.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: GDPR Summary: Why encryption and other measures are now a must?
  • Live at: May 24 2016 11:00 am
  • Presented by: Adrian Davis, MD (ISC)² EMEA; Jason Hart, CTO Gemalto; Tom De Cordier, Lawyer and Partner, CMS DeBacker
  • From:
Your email has been sent.
or close