Cyber Security Law --- Are you ready?
|
|
- Corey Kelly
- 5 years ago
- Views:
Transcription
1 Cyber Security Law --- Are you ready? Xun Yang Of Counsel, Commercial IP and Technology 9 May 2017
2 1 / B_LIVE_APAC1: v1
3 Content Overview of Cyber Security Law Legislative Development Key Issues in Cyber Security Protection Practical Suggestions in Protecting Cyber Security 2 / B_LIVE_APAC1: v1
4 Overview of Cyber Security Law 3 / B_LIVE_APAC1: v1
5 Overview of Cyber Security Law Historical Review 4 / B_LIVE_APAC1: v1
6 Overview of Cyber Security Law Content (1) National Security Law Industry-specific rules Piecemeal Data Protection Rules Cyber Security Law Practice 5 / B_LIVE_APAC1: v1
7 Overview of Cyber Security Law Content (2) Development of cyber security technology Security duties of network operators Extra duties of operators of critical information infrastructure Personal data protection Obligations to cooperate with government against cyber crimes 6 / B_LIVE_APAC1: v1
8 Overview of Cyber Security Law Regulatory bodies MPS CAC MIIT Industry Regulators 7 / B_LIVE_APAC1: v1
9 Overview of Cyber Security Law Trend To bring cyber security and personal information protection onto a state interest level To enact new laws and administrative rules to implement the Cyber Security Law To carry out security inspection from time to time 8 / B_LIVE_APAC1: v1
10 Legislative Development 9 / B_LIVE_APAC1: v1
11 Legislative Development New legislations since the promulgation of Cyber Security Law 10 / B_LIVE_APAC1: v1
12 Legislative Development Key Messages Encouragement of industrial informationalisation Systematical enforcement of cyber security rules Strengthened protection of personal information Linkage of data protection with national interest 11 / B_LIVE_APAC1: v1
13 Legislative Development Encouragement of industrial informationalisation Security products Equipment Service Technology Data business Big data Cloud business 12 / B_LIVE_APAC1: v1
14 Legislative Development Systematical enforcement of cyber security rules Include cyber security into existing laws Upgrade of legislative levels Consolidation and clarification of existing rules Encryption Personal Terminal Compan y server Offshore server Access Networ k Internet Network access permission Network infrastructure 13 / B_LIVE_APAC1: v1
15 Legislative Development Strengthened protection of personal information Scope of coverage Specific coverage to comprehensive coverage Detailed rules Definition Standard Process Methodology Remedies Administrative Civil Criminal 14 / B_LIVE_APAC1: v1
16 Legislative Development Linkage of data protection with national interest Personal data Business data National interest / sovereignty State secret Business continuity 15 / B_LIVE_APAC1: v1
17 Key Issues in Cyber Security Protection 16 / B_LIVE_APAC1: v1
18 Key Issues in Cyber Security Protection Do we need to retain data in China? State secret? Administrative restrictions? Threshold Security measures National interest National sovereignty Population and healthcare Financial data Achieve CII Industry Possibility of being misused Volume Selfcensorship Government screening 17 / B_LIVE_APAC1: v1
19 Key Issues in Cyber Security Protection Is depersonalization a way to bypass data protection restrictions Anonymi -zation vs. pseudonymisati on 18 / B_LIVE_APAC1: v1
20 Key Issues in Cyber Security Protection Can we outsource data processing? Business reasons Data risks Purpose of outsourcing Legal restrictions Prohibited Restricted Technical Financial Legal Vendor due diligence Conditions Informed consent Technical restrictions 19 / B_LIVE_APAC1: v1
21 Key Issues in Cyber Security Protection Are we required to procure only domestic network products / services? Licensing Requirements Security Considerations Telecoms services Network access device Encryption Security levels Supply chain risks Back door risks Excessive Reliability 20 / B_LIVE_APAC1: v1
22 Practical suggestions in protecting cyber security 21 / B_LIVE_APAC1: v1
23 Practical suggestions in protecting cyber security Hints IT risk governance and management plan Management of business process from an information governance aspect Privacy policy and informed consent Managing external service providers Incident management Cyber security as an ongoing process 22 / B_LIVE_APAC1: v1
24 Practical suggestions in protecting cyber security IT risk governance and management plan (1) External service provider Directors and senior management IT Business Legal HR 23 / B_LIVE_APAC1: v1
25 Practical suggestions in protecting cyber security IT risk management plan (2) Understand the business process Data classification Information flow Human inference Risk identification Technical risks Behavioural risks Risk mitigating measures Proactive measures Remedial measures Policy implementation Consultation and publication Policy management Training Policy Documentation To be consistent with global policy Translation Policy Review To address business concerns To meet statutory requirements 24 / B_LIVE_APAC1: v1
26 Practical suggestions in protecting cyber security Management of business process from an information governance aspect Informed consent, consistence with purpose? Need to know? Business usage Information collection /acquisition Information processing Outsourcing Data storage Management of service levels / IP rights Data disposal IT Infrastructure IT risk management Storage requirement 25 / B_LIVE_APAC1: v1
27 Practical suggestions in protecting cyber security Privacy policy and informed consent Content to be informed Necessity for current and future use Clarity and flexibility Manner of description and display Scope; Manner Technology communication channels Do we need to cover all possible future use? Depersonalization including but not limited to all other legitimate purpose Accuracy vs. plain language Manner of display and consent 26 / B_LIVE_APAC1: v1
28 Practical suggestions in protecting cyber security Managing external service providers When? IT outsourcing: call centres, data processers, IDC, cloud, developers Business vendors: distributors, subcontractors How? Due diligence Contract Auditing What? Legal restrictions SLs: responding vs. resolution Warranties and liabilities Intellectual properties Interim measures 27 / B_LIVE_APAC1: v1
29 Practical suggestions in protecting cyber security Incident management Incident appraisal Communication management Adoption of remedial measures Allocation of resulting liabilities Team formation 28 / B_LIVE_APAC1: v1
30 Practical suggestions in protecting cyber security Cyber security as an ongoing matter Development of the law Change of industrial practice Evolution of new business processes 29 / B_LIVE_APAC1: v1
31 Q&A Xun Yang Of Counsel, Shanghai T: M: E: Xun advises on commercial, regulatory and intellectual property matters with a particular focus on life science, financial services and telecoms sectors. He has significant experience in advising on technology transactions, IT services, outsourcing, IP protections, data privacy, and investment in sensitive sectors. 30 / B_LIVE_APAC1: v1
32 31 / B_LIVE_APAC1: v1
33 simmons-simmons.com elexica.com This document is for general guidance only. It does not contain definitive advice. SIMMONS & SIMMONS and S&S are registered trade marks of Simmons & Simmons LLP. Simmons & Simmons is an international legal practice carried on by Simmons & Simmons LLP and its affiliated practices. Accordingly, references to Simmons & Simmons mean Simmons & Simmons LLP and the other partnerships and other entities or practices authorised to use the name Simmons & Simmons or one or more of those practices as the context requires. The word partner refers to a member of Simmons & Simmons LLP or an employee or consultant with equivalent standing and qualifications or to an individual with equivalent status in one of Simmons & Simmons LLP s affiliated practices. For further information on the international entities and practices, refer to simmonssimmons.com/legalresp. Simmons & Simmons LLP is a limited liability partnership registered in England & Wales with number OC and with its registered office at CityPoint, One Ropemaker Street, London EC2Y 9SS. It is authorised and regulated by the Solicitors Regulation Authority. A list of members and other partners together with their professional qualifications is available for inspection at the above address. 32 / B_LIVE_APAC1: v1
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology 24 October 2017 Content Overview of Cyber Security Law Observations on Implementation of Cyber
More informationCyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology
Cyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology 8 December 2016 The Matrix (1999) 1 / L_LIVE_APAC1:5433168v1 World Internet
More informationRobert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe
Respecting Privacy, Securing Data and Enabling Trust a view from Europe Robert Bond, Partner & Notary Public Robert Bond Robert Bond has nearly 40 years' experience in advising national and international
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationData Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016
Data Protection Practical Strategies for Getting it Right Jamie Ross Data Security Day June 8, 2016 Agenda 1) Data protection key drivers and the need for an integrated approach 2) Common challenges data
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More information2017 INVESTMENT MANAGEMENT CONFERENCE NEW YORK Big Data: Risks and Rewards for Investment Management
2017 INVESTMENT MANAGEMENT CONFERENCE NEW YORK Big Data: Risks and Rewards for Investment Management Derek N. Steingarten, New York Julia B. Jacobson, Boston Barbara Bridges, VP of Legal & Compliance,
More informationTIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE
TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,
More informationDistribution in the New Digital World: The EU s Digital Single Market Strategy. Peter Meyer George Morris Ajit Kainth
Distribution in the New Digital World: The EU s Digital Single Market Strategy Peter Meyer George Morris Ajit Kainth 26 May 2016 Introduction Different digital distribution models Digital single market
More informationHOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA
HOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA Ksenia Andreeva Anastasia Dergacheva Vasilisa Strizh November 27, 2018 2018 Morgan, Lewis & Bockius 2017 Morgan, Lewis & Bockius Contents News from the Russian
More informationHow to Prepare a Response to Cyber Attack for a Multinational Company.
You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC Presenters Chayan Chakravarti Manager,
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationAon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary
Aon Client Data Privacy Summary Table of Contents Our Commitment to Data Privacy 3 Our Data Privacy Principles 4 Aon Client Data Privacy Summary 2 Our Commitment to Data Privacy Data Privacy Backdrop As
More informationMotorola Mobility Binding Corporate Rules (BCRs)
Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,
More informationIntegrating Information Security Protections In Supplier Agreements: Guidance for Business and Technology Counsel
Presenting a live 90-minute webinar with interactive Q&A Integrating Information Security Protections In Supplier Agreements: Guidance for Business and Technology Counsel Evaluating Data Security Risks
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationDeveloping Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite?
Developing Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite? Minnesota RIMS 39 th Annual Seminar Risk 2011-2012: Can You Hack
More informationNYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationCyber Threat Landscape April 2013
www.pwc.co.uk Cyber Threat Landscape April 2013 Cyber Threats: Influences of the global business ecosystem Economic Industry/ Competitors Technology-led innovation has enabled business models to evolve
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationGDPR is coming in less than 2 months Are you ready?
GDPR is coming in less than 2 months Are you ready? Charles-Albert Helleputte Partner, Brussels +32 2 551 5982 chelleputte@mayerbrown.com 30 March 2018 2 GDPR is everywhere... You were invited by UNICEO
More informationSECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011
American Chemistry Council Responsible Care SECURITY CODE 7 April 2011 Debra Phillips Managing Director, Responsible Care American Chemistry Council Why develop a Separate Security Code? Need for a clearly
More informationClarity on Cyber Security. Media conference 29 May 2018
Clarity on Cyber Security Media conference 29 May 2018 Why this study? 2 Methodology Methodology of the study Online survey consisting of 33 questions 60 participants from C-Level (CISOs, CIOs, CTOs) 26
More informationUSA HEAD OFFICE 1818 N Street, NW Suite 200 Washington, DC 20036
US-China Business Council Comments on The Draft Measures for Security Review of Online Products and Services March 6, 2017 On behalf of the more than 200 members of the US-China Business Council (USCBC),
More informationCyber Security Strategy
Cyber Security Strategy Committee for Home Affairs Introduction Cyber security describes the technology, processes and safeguards that are used to protect our networks, computers, programs and data from
More informationISACA Cincinnati Chapter March Meeting
ISACA Cincinnati Chapter March Meeting Recent and Proposed Changes to SOC Reports Impacting Service and User Organizations. March 3, 2015 Presenters: Sayontan Basu-Mallick Lori Johnson Agenda SOCR Overview
More informationHIPAA Privacy, Security and Breach Notification
HIPAA Privacy, Security and Breach Notification HCCA East Central Regional Annual Conference October 2013 Disclaimer The information contained in this document is provided by KPMG LLP for general guidance
More informationEnterprise resilience and the role of Standards
www.pwc.co.uk Enterprise resilience and the role of Standards Why do we have Standards? Globalisation Consistency Quality Supply chain and outsourcing Marketing value Slide 2 Stakeholder value Ultimately,
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationCyber Crime Seminar 8 December 2015
Cyber Crime Seminar Cyber Security & Financial Services in a changing regulatory landscape John Salmon Partner, Pinsent Masons LLP @uktisa Cyber Security and Financial Services: A changing regulatory landscape
More informationLCU Privacy Breach Response Plan
LCU Privacy Breach Response Plan Sept 2018 Prevention Communication & Notification Evaluation of Risks Breach Containment & Preliminary Assessment Introduction The Credit Union makes every effort to safeguard
More informationCyber Diligence. EY Deals Forum Ian McCaw EY Transaction Advisory Services
Cyber Diligence EY Deals Forum 2018 Ian McCaw EY Transaction Advisory Services Finance & Commercial Diligence 2 B COMPANY: Power Life INDUSTRY: ENERGY REVENUE: 192m EBITDA: 875k (35% growth in 5 years)
More informationProhire Software Systems Limited ("Prohire")
Prohire Software Systems Limited ("Prohire") White paper on Prohire GDPR compliance measures 11 th May 2018 Contents 1. Overview 2. Legal Background 3. How Prohire complies 4. Wedlake Bell 5. Conclusion
More informationDigital Health Cyber Security Centre
Digital Health Cyber Security Centre Current challenges Ransomware According to the ACSC Threat Report 2017, cybercrime is a prevalent threat for Australia. Distributed Denial of Service (DDoS) Targeting
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationSecurity Takes Center Stage
Security Takes Center Stage Rajesh De Partner Chair, Global Cybersecurity & Data Privacy Practice +1 202 263 3366 rde@mayerbrown.com June 7, 2016 Cyber Attacks Are Increasing in Cost and Frequency Breaches
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationOPTIMIZING CONNECTIVITY: Updated Recommendations to Improve China s Information Technology Environment
OPTIMIZING CONNECTIVITY: Updated Recommendations to Improve China s Information Technology Environment February 2018 Since China s Cybersecurity Law came into effect in June of 2017, the government has
More informationGeneral Data Protection Regulation Frequently Asked Questions (FAQ) General Questions
General Data Protection Regulation Frequently Asked Questions (FAQ) This document addresses some of the frequently asked questions regarding the General Data Protection Regulation (GDPR), which goes into
More informationM&A Cyber Security Due Diligence
M&A Cyber Security Due Diligence Prepared by: Robert Horton, Ollie Whitehouse & Sherief Hammad Contents Page 1 Introduction 3 2 Technical due diligence goals 3 3 Enabling the business through cyber security
More informationDigitalisation of Companies: What an in-house counsel needs to know
Digitalisation of Companies: What an in-house counsel needs to know Christopher Götz, Simmons & Simmons Roderick Kirwan, VEON 18 May 2017 Digitalisation of Companies Automatisation of production processes
More informationKey issues for digital product distribution and online sales in the EU. Charles Bankes Peter Meyer Ombline Ancelin Ajit Kainth
Key issues for digital product distribution and online sales in the EU Charles Bankes Peter Meyer Ombline Ancelin Ajit Kainth 10 May 2016 Agenda EU Digital Single Market Strategy Online distribution of
More informationUSER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.
These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. I. OBJECTIVE ebay s goal is to apply uniform, adequate and global data protection
More informationHF Markets SA (Pty) Ltd Protection of Personal Information Policy
Protection of Personal Information Policy Protection of Personal Information Policy This privacy statement covers the website www.hotforex.co.za, and all its related subdomains that are registered and
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationTop Five Privacy and Data Security Issues for Nonprofit Organizations
Top Five Privacy and Data Security Issues for Nonprofit Organizations Julia K. Tama, Esq. Jeffrey S. Tenenbaum, Esq. Association of Corporate Counsel Nonprofit Organizations Committee Legal Quick Hit MAY
More informationTechnology and data privacy Global perspectives
Technology and data privacy Global perspectives Anna Gamvros, Partner, Hong Kong Barbara Li, Partner, Beijing Ryan Berger, Partner, Vancouver 13 September 2018 Agenda Asia privacy developments HK and China
More informationRIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015
www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad
More informationPublic vs private cloud for regulated entities
Public vs private cloud for regulated entities DC2: Restricted use The cloud is for everyone but not for everything 2 Opportunity enabler DC2: Restricted use Flexibility SAAS Public Accessibility Agility
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationManaging the risks of cloud computing
Managing the risks of cloud computing Technology thought leadership Contents Cloud computing: bringing opportunities and risks 01 Cloud computing: bringing opportunities and risks 02 What is cloud computing?
More informationDevelopments in Global Data Protection & Transfer: How They Impact Third-Party Contracts
Developments in Global Data Protection & Transfer: How They Impact Third-Party Contracts Rebecca Eisner Partner +1 312 701 8577 reisner@mayerbrown.com Mark Prinsley Partner +44 20 3130 3900] mprinsley@mayerbrown.com
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationOn the Radar: IBM Resilient applies incident response orchestration to GDPR data breaches
On the Radar: IBM Resilient applies incident response orchestration to GDPR data breaches An incident response orchestration platform tailored to GDPR breach management needs Publication Date: 24 Oct 2018
More informationDATA PRIVACY & PROTECTION POLICY POLICY INFORMATION WE COLLECT AND RECEIVE. Quality Management System
DATA PRIVACY & PROTECTION POLICY POLICY This Data Privacy & Protection Policy applies to ELMO Software Limited s Cloud HR & Payroll applications and platform (collectively, the Services ), elmosoftware.com.au
More information2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action
2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Casie D. Collignon Partner Denver 303.764.4037 ccollignon@bakerlaw.com
More informationAuditing IT General Controls
Auditing IT General Controls Amanthi Pendegraft and Nadine Yassine September 27, 2017 Agenda Introduction and Objectives IT Audit Fundamentals IT General Controls Overview Access to Programs and Data Program
More informationIT-CNP, Inc. Capability Statement
Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government
More informationPRIVACY NOTICE BACKGROUND:
PRIVACY NOTICE BACKGROUND: Simons Rodkin Solicitors LLP understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationCritical Information Infrastructure Protection Law
Critical Information Infrastructure Protection Law CCD COE Training 8 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington, Virginia.
More informationThe Role of the Data Protection Officer
The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationThe Future of IT Internal Controls Automation: A Game Changer. January Risk Advisory
The Future of IT Internal Controls Automation: A Game Changer January 2018 Risk Advisory Contents Introduction 01 Future Operating Models for Managing Internal Controls 02 Summary 07 Introduction Internal
More informationFDIC InTREx What Documentation Are You Expected to Have?
FDIC InTREx What Documentation Are You Expected to Have? Written by: Jon Waldman, CISA, CRISC Co-founder and Executive Vice President, IS Consulting - SBS CyberSecurity, LLC Since the FDIC rolled-out the
More informationHong Kong s Personal Data (Privacy) Ordinance
Asia Privacy Bridge Forum 11 May 2016 Hong Kong s Personal Data (Privacy) Ordinance Fanny Wong Deputy Privacy Commissioner for Personal Data Hong Kong, China The Personal Data Landscape in Asia 2011 2003
More informationApplication for Certification
Application for Certification Requirements to Become a Certified Information Security Manager To become a Certified Information Security Manager (CISM), an applicant must: 1. Score a passing grade on the
More informationFive Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification
July 2016 Follow @Paul_Hastings Five Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification By Paul Hastings Global Privacy and Cybersecurity
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationBest Practices for Campus Security. January 26, 2017
Best Practices for Campus Security January 26, 2017 Welcome to Safe University (Safe U ) Protecting People, Property, and Tradition: The Safe University (Safe U SM ) Program By G. Michael Verden, Owner
More informationThe HIPAA Omnibus Rule
The HIPAA Omnibus Rule What You Should Know and Do as Enforcement Begins Rebecca Fayed, Associate General Counsel and Privacy Officer Eric Banks, Information Security Officer 3 Biographies Rebecca C. Fayed
More informationVulnerability Assessments and Penetration Testing
CYBERSECURITY Vulnerability Assessments and Penetration Testing A guide to understanding vulnerability assessments and penetration tests. OVERVIEW When organizations begin developing a strategy to analyze
More informationencrypted, and that all portable devices (laptops, phones, thumb drives, etc.) be encrypted while in use and while at rest?
Data Privacy According to statistics provided by the Data Breach Level Index, hackers and thieves are stealing more than 227,000 personal records per hour as of 2017, generally targeting customer information
More informationThe Impact of Cybersecurity, Data Privacy and Social Media
Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus
More information2014 Luxury & Fashion Industry Conference for Multinationals
2014 Luxury & Fashion Industry Conference for Multinationals Privacy, Data Protection, and the Impact of Social Media and Online Behavioral Advertising on the Industry Anna Gamvros, Hong Kong Francesca
More informationThe Apple Store, Coombe Lodge, Blagdon BS40 7RG,
1 The General Data Protection Regulation ( GDPR ) is the new legal framework that will come into effect on the 25th of May 2018 in the European Union ( EU ) and will be directly applicable in all EU Member
More informationGoverning cyber security risk: It s time to take it seriously Seven principles for Boards and Investors
www.pwc.co.uk Governing cyber security risk: It s time to take it seriously Seven principles for Boards and Investors Dr. Richard Horne Cyber Security Partner PwC January 2017 Board governance is often
More informationBig data privacy in Australia
Five-article series Big data privacy in Australia Three actions you can take towards compliance Article 5 Big data and privacy Three actions you can take towards compliance There are three actions that
More informationGovernment Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security
Government Resolution No. 2443 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security It is hereby resolved:
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationIT Attestation in the Cloud Era
IT Attestation in the Cloud Era The need for increased assurance over outsourced operations/ controls April 2013 Symeon Kalamatianos M.Sc., CISA, CISM Senior Manager, IT Risk Consulting Contents Introduction
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationLegal, Ethical, and Professional Issues in Information Security
Legal, Ethical, and Professional Issues in Information Security Downloaded from http://www.utc.edu/center-information-securityassurance/course-listing/cpsc3600.php Minor Changes from Dr. Enis KARAARSLAN
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationOverview. Business value
PRODUCT SHEET CA Top Secret for z/vse CA Top Secret for z/vse CA Top Secret for z/vse provides innovative and comprehensive security for business transaction environments which enable your business to
More informationKnowledge Portal User Guide (Interactive PDF)
Email Account information is on the top navigation bar Search bar is above main content navigation System Click chevrons to scroll through different articles Click to filter your recommendations Icons
More informationProtecting Personal Data from Cyber-Attacks
News Alert May 2017 Protecting Personal Data from Cyber-Attacks Last week the world woke up to the latest cyber-attack of 2017. Initially striking the NHS in the UK, the malicious WannaCrypt ransomware
More informationPOSITION DESCRIPTION
Network Security Consultant POSITION DESCRIPTION Unit/Branch, Directorate: Location: Regulatory Unit Information Assurance and Cyber Security Directorate Auckland Salary range: I $90,366 - $135,548 Purpose
More informationProtecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014
Protecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented
More informationDATA PRIVACY & SECURITY THE CHANGING HIPAA CLIMATE
DATA PRIVACY & SECURITY THE CHANGING HIPAA CLIMATE Melodi (Mel) M. Gates mgates@pattonboggs.com (303) 894-6111 October 25, 2013 THE CHANGING PRIVACY CLIMATE z HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY
More informationAccelerate GDPR compliance with the Microsoft Cloud
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with
More informationMarketing Law in Canada Has Changed... Are You Ready?
Email Marketing Law in Canada Has Changed... Are You Ready? Webinar May 29 th, 2014 Hosted by: Tracey Hart, Director of Marketing, Discover Boating Canada Presented by: Lonnie Brodkin-Schneider, Partner,
More informationBuilding Trust in the Cloud Era - Protect, Respect Personal Data
Cloud Expo Asia 18 May 2016 Building Trust in the Cloud Era - Protect, Respect Personal Data Stephen Kai-yi Wong Privacy Commissioner for Personal Data, Hong Kong The Hong Kong Data Protection Law The
More information