Data Privacy Management in a Digital Age
|
|
- Ophelia Hodges
- 5 years ago
- Views:
Transcription
1 Data Privacy Management in a Digital Age Abstract Stringent data protection regulations across the world require organizations to ensure adequate privacy of sensitive data residing within their organizational boundaries. The regulations mandate that organizations adopt a governed approach to data privacy management when they share data with stakeholders externally - within the country or across national borders. The need of the hour is a structured framework to ensure governance-based data privacy management and data sharing. Within an organization, an apex body comprising skilled data governance professionals can leverage a distributed data management solution to help the organization implement a centralized framework. This framework would be aimed at ensuring compliance with data privacy, consent collection, and governance requirements of international as well as national data protection regulations. This paper talks about effective data privacy governance framework and highlights the need for a distributed data management solution.
2 Stringent Data Privacy Regulations a Necessity Over the last decade, digital technologies have transformed the way enterprises work. However, the digital age has also been marked by cyber-attacks, causing massive reputational and nancial damage to organizations. The cybercrime report by Cybersecurity Ventures predicts that global cybercrime costs 1 will be USD 6 trillion annually by According to Gemalto, in rst half of 2017 alone, there were 918 data breaches that 2 compromised 1.9 billion records. These statistics highlight the fact that there is a need to ensure comprehensive data privacy and governance. With advancements in data analytics and smart technologies, most organizations today leverage insights from large volumes of varied data gathered from multiple sources to drive competitive advantage. At the same time, the non-compliance resulting from unauthorized data access forces organizations to nd more effective ways of protecting and governing the data - both at rest and in motion. To help organizations effectively prevent data breaches and safeguard sensitive data, various countries have established data privacy regulations. Some examples include Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada, Personal Information Protection Act (PIPA) of South Korea, and the recently promulgated General Data Protection Regulation (GDPR) of the European Union. In addition, there are industry speci c regulations such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS) of the US. Adhoc Operational and Support Strategic and Business Individual and Enterprise Figure 1: Evolution of Data Privacy Focus
3 Over the years, data protection regulations have become increasingly stringent. The focus has shifted from ad hoc data privacy measures to a highly individual-centric data privacy ideology. Figure 1 depicts the evolution of the focus of data privacy from the pre-digitization era (sensitive data access was physically controlled) to a digitized era (the need for data privacy is driven by individuals). GDPR is a good example of individual-focused data regulation that heavily penalizes 3 organizations in case of data breaches. Cross Border Data Flow Origin of Unique Data Protection Challenges With the world getting more digitally connected by the day, there is increasing demand for open data. While freely available data has the potential to create new business opportunities, the need to protect personal data cannot be understated. To protect individual data across borders, various countries have developed legal frameworks such as EU-US Privacy Shield, Asia-Paci c Economic Cooperation (APEC), and Cross-Border Privacy Rules (CBPR) System, as well as data transfer legal agreements including standard contractual clauses and binding corporate rules. Although there are various region and industry-speci c data privacy laws, there is no common framework for cross border data ow. This makes implementation and enforcement of the data privacy policies dif cult and complex. Effective Data Privacy Governance: Need for Distributed Data Management Solution The proposed distributed data management solution is described by centralized data privacy management and localized implementation of privacy regulations. The key components of the solution and recommended steps for its execution are described as under: Centralized data privacy governance council: Ideally, organizations should create a central data privacy governance council comprising subject matter experts from the areas of data security, data governance, legal and regulatory compliance, business continuity and risk management. Typically, this council will be headed by roles such as Chief Data Of cer (CDO) or Data Protection Of cer (DPO). This council is tasked with three important responsibilities:
4 - De ning data privacy policies while maintaining the right balance between privacy compliance and business bene ts. - Ensuring enforcement by periodically revisiting, standardizing, and monitoring existing data privacy policies, deploying risk identi cation and mitigation frameworks, and reviewing third party legal agreements with clients such as vendors. - Conducting continuous awareness sessions to ensure data privacy and accountability across the organization. Data discovery and classi cation: With huge volumes of data stored across various applications and data centers, it is essential to rst locate and classify the data as sensitive and non-sensitive. The data discovery, classi cation, and movement tracking features of a distributed data management solution can help locate and classify data, while metadata and data pattern matching drive data discovery. Consent collection and management: Ideally, consent management should be deployed at the regional level to collect the consent of individuals whose data is collected and stored. This consent should be stored and managed centrally by distributed data management solution. Data privacy policy digitization: A distributed data management solution requires the digitization of all data privacy policies as laid down by the data privacy governance council. Various data protection techniques such as anonymization, masking, pseudonymization, encryption, or tokenization can be applied during the digitization process. Much like an individual s consent, the policies should be implemented locally but managed centrally. Data request management: To manage data requests, it is essential that all data provisioning and modi cation requests follow a work ow-driven, maker-checker approach. Before sharing the data, organizations are required to enforce some of the aforesaid data protection techniques. In addition, they have to reconcile data requests against the central consent and purpose repository. Any mismatch can then be automatically reported and a log of the activities provided to the governing body for compliance. In essence, collection, sharing, and deletion of sensitive data should be monitored using the distributed data management solution.
5 Data breach management: To ensure automated noti cations in the event of data breaches, the existing data breach management framework should be enhanced and integrated with the distributed data management solution. Meeting Data Privacy Needs of the Future Heightened customer concern regarding data privacy and increasing regulatory mandates are realities that all organizations face today. According to a survey, 92 percent of US internet users are worried about their online privacy and 89 percent say that they would avoid companies that do not 4 protect their privacy. Effective data privacy governance demands digitization using appropriate tools and technologies. A distributed data management solution can co-exist with existing IT applications and also scale up to address the evolving needs of data privacy management. References [1] Cybersecurity Ventures, Cybercrime Report, October 2017, accessed December 2017, / [2] Information on Gemalto website, accessed December Gemalto N.V. All rights reserved. Gemalto, Gemalto logos and product and/or service names are trademarks of Gemalto N.V. or its af liates. Identity-Theft-and-Poor-Internal-Security-Practices-Take-a-Toll.aspx [3] TCS, GDPR Deadline is Approaching, Are You Ready?, August 2017, accessed December 2017, [4] TrustArc, 2016 TRUSTe/NCSA Consumer Privacy Infographic, 2016, accessed December 2017,
6 About The Authors Jayant Dani Jayant Dani is the Chief Architect and Principal Consultant of TCS MasterCraft DataPlus integrated data management platform. With over 20 years of experience in the IT industry, Dani played a leading role in setting up the Big Data practice at Tata Consultancy Services (TCS). He currently spearheads the conceptualization, architecture, design, and engineering of TCS MasterCraft DataPlus platform. His expertise spans technical leadership of large solution teams, client relationship management, and large scale implementations management. Dani is also actively involved in architecting technology solutions across industry verticals and has a number of publications and patents to his credit. He is a Data Security Council of India (DSCI) certified Privacy Lead Assessor and OpenGroup Certified Master Architect. Dani holds a Master of Engineering Degree in Software System from BITS Pilani in Contact Visit the Mastercraft page on mastercraft.sales@tcs.com Sameer Rane Sameer Rane is a Pre-Sales Consultant for TCS MasterCraft DataPlus platform. Rane has 14 years of experience in the IT industry. He has played a leading role in the maintenance, deployment, and management of banking products in the field of treasury and branch management. An expert in the technical leadership of solution delivery teams and customer relationship management, Rane holds a Master Of Science Degree in Electronics and Telecommunications from Mumbai University in Subscribe to TCS White Papers TCS.com RSS: Feedburner: About Tata Consultancy Services Ltd (TCS) Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT and IT-enabled, infrastructure, engineering and assurance services. This is delivered through its unique Global Network Delivery Model, recognized as the benchmark of excellence in software development. A part of the Tata Group, India s largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock Exchange and Bombay Stock Exchange in India. For more information, visit us at All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and other applicable laws, and could result in criminal or civil penalties. Copyright 2018 Tata Consultancy Services Limited TCS Design Services I M I 01 I 18
EU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationSafeguarding Enterprise Web Applications
Safeguarding Enterprise Web Applications Abstract As digital technologies and connected devices become an integral part of the enterprise IT infrastructure, they open up new avenues of attack for threat
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationngenius Products in a GDPR Compliant Environment
l FAQ l ngenius Products in a GDPR Compliant Environment This document addresses questions from organizations that use ngenius Smart Data Core platform and application products and are evaluating their
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationCisco Webex Messenger
Cisco Webex Messenger This describes the processing of personal data (or personal identifiable information) by Cisco Webex Messenger. 1. Overview of Cisco Webex Messenger Capabilities Cisco Webex Messenger
More informationPutting It All Together:
Putting It All Together: The Interplay of Privacy & Security Regina Verde, MS, MBA, CHC Chief Corporate Compliance & Privacy Officer University of Virginia Health System 2017 ISPRO Conference October 24,
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationWHITE PAPER. Meeting GDPR Challenges with Delphix. KuppingerCole Report
KuppingerCole Report WHITE PAPER by Mike Small December 2017 GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.
More informationGetting Your Privacy House in Order
Getting Your Privacy House in Order Lisa J. Sotto Ewa Abrams Victoria King Partner Associate General Counsel Global Privacy Officer Hunton & Williams LLP Tiffany & Co. UPS (212) 309-1223 (212) 230-5351
More informationTHALES DATA THREAT REPORT
2018 THALES DATA THREAT REPORT Trends in Encryption and Data Security INDIA EDITION EXECUTIVE SUMMARY #2018DataThreat THE TOPLINE Rising risks for sensitive data in India In India, as in the rest of the
More informationNew Requirements for Legal Analytics & Artificial Intelligence Under the GDPR
New Requirements for Legal Analytics & Artificial Intelligence Under the GDPR Summary The way your organization has processed data for years even for decades may create new legal liability under the EU
More informationEU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS
EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS MEET THE EXPERTS DAVID O LEARY Director, Forsythe Security Solutions THOMAS ECK Director, Forsythe Security Solutions ALEX HANWAY Product
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationGeneral Data Protection Regulation Frequently Asked Questions (FAQ) General Questions
General Data Protection Regulation Frequently Asked Questions (FAQ) This document addresses some of the frequently asked questions regarding the General Data Protection Regulation (GDPR), which goes into
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationSmart Software Licensing tools and Smart Account Management Privacy DataSheet
Smart Software Licensing tools and Smart Account Management Privacy DataSheet This Privacy DataSheet describes the processing of personal data (or personal identifiable information) by Smart Software Licensing
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationIMPACT OF INTERNATIONAL PRIVACY REGULATIONS. Michelle Caswell, Coalfire Julia Jacobson, K&L Gates
IMPACT OF INTERNATIONAL PRIVACY REGULATIONS Michelle Caswell, Coalfire Julia Jacobson, K&L Gates Introduction to International Privacy Law General Data Protection Regulation 2 2018 HITRUST Alliance What
More informationFOR FINANCIAL SERVICES ORGANIZATIONS
RSA BUSINESS-DRIVEN SECURITYTM FOR FINANCIAL SERVICES ORGANIZATIONS MANAGING THE NEXUS OF RISK & SECURITY A CHANGING LANDSCAPE AND A NEW APPROACH Today s financial services technology landscape is increasingly
More informationWorkday s Robust Privacy Program
Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationHybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure
Hybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for SevOne May 2017 IT & DATA MANAGEMENT RESEARCH,
More informationeguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments
eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number
More informationSafeguards on Personal Data Privacy.
Safeguards on Personal Data Privacy. Peter Koo Partner, Enterprise Risk Services Deloitte Touche Tohmatsu Maverick Tam Associate Director, Enterprise Risk Services Deloitte Touche Tohmatsu Deloitte ERS
More informationModern Database Architectures Demand Modern Data Security Measures
Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing
More informationClosing the Hybrid Cloud Security Gap with Cavirin
Enterprise Strategy Group Getting to the bigger truth. Solution Showcase Closing the Hybrid Cloud Security Gap with Cavirin Date: June 2018 Author: Doug Cahill, Senior Analyst Abstract: Most organizations
More informationGDPR: Is it just another regulation or a great opportunity for operational excellence? Athens, February 2018
GDPR: Is it just another regulation or a great opportunity for operational excellence? Athens, February 2018 GDPR Roadmap Continuous Awareness Program Implement Privacy Solutions Intergrade Privacy into
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationPackage of initiatives on Cybersecurity
Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating
More informationA Modern European Data Protection Framework
A Modern European Data Protection Framework India, March 2018 Ralf Sauer European Commission, DG Justice Outline 1) 1. The new EU data protection framework 2) 2. The transition period 3) 3. GDPR: trust,
More informationEnhancing Security With SQL Server How to balance the risks and rewards of using big data
Enhancing Security With SQL Server 2016 How to balance the risks and rewards of using big data Data s security demands and business opportunities With big data comes both great reward and risk. Every company
More informationWHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help
WHITE PAPER The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help ii Contents Personal Data Defined... 1 Why the GDPR Is Such a Big Deal... 2 Are You Ready?...
More informationDeveloping Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite?
Developing Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite? Minnesota RIMS 39 th Annual Seminar Risk 2011-2012: Can You Hack
More informationAvanade s Approach to Client Data Protection
White Paper Avanade s Approach to Client Data Protection White Paper The Threat Landscape Businesses today face many risks and emerging threats to their IT systems and data. To achieve sustainable success
More informationEBOOK The General Data Protection Regulation. What is it? Why was it created? How can organisations prepare for it?
EBOOK The General Data Protection Regulation What is it? Why was it created? How can organisations prepare for it? How the General Data Protection Regulation evolved and what it means for businesses The
More informationInternationalization & Localization Testing - A Case Study
Your Software Testing Partner Excellence Partnership Commitment Internationalization & Localization Testing - A Case Study Outsourcing Internationalization and Localization Testing to an expert ensures
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationCustomer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach
Customer Breach Support A Deloitte managed service Notifying, supporting and protecting your customers through a data breach Customer Breach Support Client challenges Protecting your customers, your brand
More informationCipherCloud CASB+ Connector for ServiceNow
ServiceNow CASB+ Connector CipherCloud CASB+ Connector for ServiceNow The CipherCloud CASB+ Connector for ServiceNow enables the full suite of CipherCloud CASB+ capabilities, in addition to field-level
More informationOverview of Akamai s Personal Data Processing Activities and Role
Overview of Akamai s Personal Data Processing Activities and Role Last Updated: April 2018 This document is maintained by the Akamai Global Data Protection Office 1 Introduction Akamai is a global leader
More informationFive Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification
July 2016 Follow @Paul_Hastings Five Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification By Paul Hastings Global Privacy and Cybersecurity
More informationBenefits of Open Cross Border Data Flows
/SMEWG41/039 Agenda Item: 16.3 Benefits of Open Cross Border Data Flows Purpose: Information Submitted by: United States 41 st Small and Medium Enterprises Working Group Meeting Iloilo, Philippines 23-24
More informationIBM Security Services Overview
Services Overview Massimo Nardone Senior Lead IT Security Architect Global Technology Services, IBM Internet Security Systems massimo.nardone@fi.ibm.com THE VEHICLE THE SKILL THE SOLUTION Today s Business
More informationIntroduction to AWS GoldBase
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More informationIT Consulting and Implementation Services
PORTFOLIO OVERVIEW IT Consulting and Implementation Services Helping IT Transform the Way Business Innovates and Operates 1 2 PORTFOLIO OVERVIEW IT Consulting and Implementation Services IT is moving from
More informationencrypted, and that all portable devices (laptops, phones, thumb drives, etc.) be encrypted while in use and while at rest?
Data Privacy According to statistics provided by the Data Breach Level Index, hackers and thieves are stealing more than 227,000 personal records per hour as of 2017, generally targeting customer information
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationDon t Be the Next Headline! PHI and Cyber Security in Outsourced Services.
Don t Be the Next Headline! PHI and Cyber Security in Outsourced Services. June 2017 Melanie Duerr Fazzi Associates Partner, Director of Coding Operations Jami Fisher Fazzi Associates Chief Information
More informationSecure Messaging Mobile App Privacy Policy. Privacy Policy Highlights
Secure Messaging Mobile App Privacy Policy Privacy Policy Highlights For ease of review, Everbridge provides these Privacy Policy highlights, which cover certain aspects of our Privacy Policy. Please review
More informationEnabling Hybrid Cloud Transformation
Enterprise Strategy Group Getting to the bigger truth. White Paper Enabling Hybrid Cloud Transformation By Scott Sinclair, ESG Senior Analyst November 2018 This ESG White Paper was commissioned by Primary
More informationTop Reasons To Audit An IAM Program. Bryan Cook Focal Point Data Risk
Top Reasons To Audit An IAM Program Bryan Cook Focal Point Data Risk Focal Point Data Risk A New Type of Risk Management Firm THE FACTS Born from the merger of three leading security & risk management
More informationRun the business. Not the risks.
Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.
More information2017/SOM3/DIA/007 Digital Trade Building Blocks
2017/SOM3/DIA/007 Digital Trade Building Blocks Submitted by: Information Technology Industry Council Dialogue on Regional Trade Agreements and Free Trade Agreements Ho Chi Minh City, Viet Nam 27 August
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationPCI compliance the what and the why Executing through excellence
PCI compliance the what and the why Executing through excellence Tejinder Basi, Partner Tarlok Birdi, Senior Manager May 27, 2009 Agenda 1. Introduction 2. Background 3. What problem are we trying to solve?
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationCOMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN
COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1 CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING
More informationA Practical Step-by-Step Guide to Managing Cloud Access in your Organization
GUIDE BOOK 4 Steps to Cloud Access Management A Practical Step-by-Step Guide to Managing Cloud Access in your Organization Cloud Access Challenges in the Enterprise Cloud apps in the enterprise have become
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationThe Role of the Data Protection Officer
The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services
More informationEngaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,
Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager, Deloitte & Touche LLP 1 Speaker Introduction Sanjeev
More informationDisruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise
Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions
More informationGetting ready for GDPR
Getting ready for GDPR Cybersecurity for Data Protection Brought to you by: What is GDPR? The (GDPR) is the European Union s response to the increasing privacy demands of the European society. The primary
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationA Checklist for Cybersecurity and Data Privacy Diligence in TMT Transactions
May 2018 TMT INSIGHTS From the Debevoise Technology, Media & Telecommunications Practice A Checklist for Cybersecurity and Data Privacy Diligence in TMT Transactions Companies in the technology, media
More informationIntelligent Building and Cybersecurity 2016
Intelligent Building and Cybersecurity 2016 Landmark Research Executive Summary 2016, Continental Automated Buildings Association Presentation Contents 1. About CABA, Compass Intelligence & This Research
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationEUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE
EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE Overview all ICT Profile changes in title, summary, mission and from version 1 to version 2 Versions Version 1 Version 2 Role Profile
More informationData Privacy in Your Own Backyard
White paper Data Privacy in Your Own Backyard Staying Secure Under New GDPR Employee Internet Monitoring Rules www.proofpoint.com TABLE OF CONTENTS INTRODUCTION... 3 KEY GDPR PROVISIONS... 4 GDPR AND EMPLOYEE
More informationGDPR Partner Marketing Campaign Playbook
GDPR Partner Marketing Campaign Playbook GDPR What is it and why it matters? Organizational Impact: Organizations must appoint a Data Protection Officer, train stakeholders on handling personal and sensitive
More informationFIS Global Partners with Asigra To Provide Financial Services Clients with Enhanced Secure Data Protection that Meets Compliance Mandates
Case Study FIS Global Partners with Asigra To Provide Financial Services Clients with Enhanced Secure Data Protection that Meets Compliance Mandates World s largest global provider dedicated to banking
More informationCognizant Cloud Security Solution
CLOUD SECURITY OVERVIEW Cognizant Cloud Security Solution Transform your security operation to protect your business across public and hybrid cloud environments. December 2017 The advantages of moving
More informationGDPR COMPLIANCE REPORT
2018 GDPR COMPLIANCE REPORT INTRODUCTION Effective as of May 25, 2018, the European Union General Data Protection Regulation (GDPR) represents the most sweeping change in data privacy regulation in decades.
More information2017 RIMS CYBER SURVEY
2017 RIMS CYBER SURVEY This report marks the third year that RIMS has surveyed its membership about cyber risks and transfer practices. This is, of course, a topic that only continues to captivate the
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationBy 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1
By 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1 The question is no longer: How do I move to the cloud? Instead, it s Now that I m in the cloud, how do I make sure
More informationANTICIPATE. MITIGATE. PROTECT.
ANTICIPATE. MITIGATE. PROTECT. FROM ESSENTIAL NEWS AND EXPERT ANALYSIS TO TOOLS THAT HELP YOU MAP YOUR STRATEGIES, BLOOMBERG LAW: PRIVACY & DATA SECURITY DELIVERS. Stay Connected #BloombergLaw @BloombergLaw
More informationAccelerate GDPR compliance with the Microsoft Cloud
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationIT TRENDS REPORT 2016:
IT TRENDS REPORT 2016: THE HYBRID IT EVOLUTION NORTH AMERICA WHAT WE COVER IN THE REPORT IT TRENDS REPORT 2016: THE HYBRID IT EVOLUTION Introduction Key Findings Recommendations Full Survey Results INTRODUCTION
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationDeliver Data Protection Services that Boost Revenues and Margins
FAMILY BROCHURE Gemalto s SafeNet Identity and Data Protection Solutions for Service Providers Deliver Data Protection Services that Boost Revenues and Margins Today, your customers and prospects are facing
More informationLes joies et les peines de la transformation numérique
Les joies et les peines de la transformation numérique Georges Ataya CISA, CGEIT, CISA, CISSP, MSCS, PBA Professor, Solvay Brussels School of Economics and Management Academic Director, IT Management Education
More informationPosition Title: IT Security Specialist
Position Title: IT Security Specialist SASRIA SOC LIMITED Sasria, a state-owned company, is the only short-term insurer in South Africa that provides affordable voluntary cover against special risks such
More informationSOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE
HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling
More informationCyber Due Diligence: Understanding the New Normal in Corporate Risk
Cyber Due Diligence: Understanding the New Normal in Corporate Risk Gillian Stacey, Davies Ward Phillips & Vineberg LLP Donald Good, Navigant Consulting Peter Gronvall, Navigant Consulting 8:30 to 10:00
More informationRecommendations on How to Tackle the D in GDPR. White Paper
Recommendations on How to Tackle the D in GDPR White Paper ABOUT INFORMATICA Digital transformation changes expectations: better service, faster delivery, with less cost. Businesses must transform to stay
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More information