Are you looking for ideas for top privacy & security links to follow in 2021? Here are a few of my suggestions for practioners to stay on top of trends, reports & regulatory alerts based on personal research for articles I wrote in 2020
GDPR and the Importance of Good Governance
Data privacy has become a matter of competitive advantage for firms worldwide. Consumer confidence reports are now showing us the direct correlation between privacy and how people would actively avoid companies that do not respect it. Recent data privacy cases heard in the ECJ have seen a paradigm shift from business to consumer rights on a global scale. In this presentation I discuss;
-The importance of a well-defined governance program when it comes to preparing for the new general data protection regulations coming into effect in the EU
-Identify what policies and tools need to be in place for effective management of customer data to effectively govern a compliance program and maintain competitive advantage
-Identify who should participate in a multi-disciplinary team to shape IT governance as it relates to the new GDPR regulations &
-Understand in detail the role of the data protection officer as it relates to supporting good governance and data privacy
12 Steps to Protect Public Sector Organizations from the Latest Threats
In a recent report by the Guardian on the NHS data breach last May which saw hundreds of NHS systems in the UK infected by the Wannacry ransomware virus, it’s reported that a £100,000 ransom was paid to unlock systems and that more worryingly, the cost of the breach is still unknown but continues to rise.
With the alarming increase in threats to privacy like ransomware and the potential for hefty GDPR non-compliance fines after May 2018, the risks to public sector operations has never been greater. In this 35 minute interactive session, Paul Rogers a cybersecurity expert takes a look at the latest privacy challenges in an easy to understand fashion that will help you formulate a robust plan ahead of the GDPR compliance deadline. We will look at specific threats to industrial control systems, legacy risk, recent case history, examples of good data privacy implementations and a high-level process road map to set direction for your compliance program.
In a recent survey conducted for Mazars on Irish Businesses on GDPR readiness, only 16% of businesses had actually mobilized a project to meet the upcoming deadline. While 82% of respondents agreed that meeting requirements would be challenging to extremely challenging. In this 35 minute session, Paul Rogers a compliance expert speaker and fintech business owner, will take a look at the challenges that Irish businesses face when it comes to GDPR and 10 practical steps that stakeholders can do to be ready for the May 2018 deadline. He will look at internal governance, consumer self service models, trans-border data transfers, privacy shield, NIS directives, policy readiness and more. He will also cover common compliance failures and data protection commissioner case history reports which will help you stay clear of trouble.
Every data privacy program is dependent on a detailed map of where data sources are in the organization. Using a data map like this one can be a good place to establish a good governance program and engage with stakeholders.
Governance Data Process Workflow for Public Sector Companies
Mitigation of threats as they relate to GDPR in public sector organizations starts with having a high level GDPR threat mitigation workflow. This should be under the remit of a GDPR steering committee followed by GDPR policy emplacement, updates to network documentation, threat identification through scanning and assessments, backup strategy and ongoing monitoring of the latest threats.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.