GDPR One year later: Is a Risk-Based Approach to Data Privacy possible?

Presented by

Simon Rycroft, Principal Consultant, ISF and Kashif Barlas, Senior Consultant, ISF

About this talk

With businesses streamlining processes and automating customer service through outsourced arrangements, the volume and content of electronically transmitted personal data records has increased beyond all previous estimates. The sharing of special categories of data between businesses and their suppliers has become the norm, sometimes without adequate protection for the individual’s privacy in breach of the GDPR. Where there are hundreds of supplier contracts, it is not pragmatic for an organisation to review and tighten all these contracts immediately in the wake of the GDPR, however a risk-based approach can certainly reduce the compliance burden upon existing teams. In this seminar, we introduce the concept of a minimum viable product for this aspect of data privacy and describe how it can be aligned with an organisation’s risk appetite and agreed before prioritising and mitigating data privacy risks.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (108)
Subscribers (17954)
Steve Durbin, Chief Executive of the ISF and ISF analysts will present the ISF webinar series: "In pursuit of the secure organisation..." We will be sharing thought leadership and practical guidance drawn from ISF Members, which include many of the world’s leading Fortune and Forbes listed organisations) on how to address cyber, information security and risk management issues facing businesses and their security teams. 1. Emerging Cyber Threats (ISF Threat Horizon annual series) 2. The role of the CEO and business leaders in cyber security 3. Being a successful CISO 4. Cyber-attack trends 5. Critical Asset Management 6. Data breach prevention 7. Supply chain 8. Insider Threat and the role of the end user