Towards an integrated regulation platform in Luxembourg. Information Security Education Day 2017, 28th of April

Transcription:

Towards an integrated regulation platform in Luxembourg
Information Security Education Day 2017, 28th of April

Context
- A complex and inter-connected digital ecosystem contributing to all sectors
- A set of regulators
- Data center, Cloud, Integrator, Archiving, e-payment, Banks, Funds, Telco, Digital currencies, Insurance
- Trusted Digital Ecosystem
- Right trade-off between regulation and innovation, and between regulation and implementation costs
- Dynamic adaptation of the ecosystem to new risks and new legal and regulatory requirements

Origins of the story: ILR project for the Telco regulation
- Analysis & Feedbacks
- Regulator
- Data Platform
- Telco
- Business/Risks/Compliance Models
- Risk Management Training
- Risk & Compliance Management Tool (TISRIM)

Towards an integrated regulation platform in Luxembourg
- Risk Management
- Compliance Management
- Process Management
- Incident Management
- Sourcing Management
- Application Security Management
- Platform
- Regulated companies
- Trainings
- GRC Models Repository
- Regulation Business Analytics
- GRC Data Repository
- Regulators

Platform
- Connect & upload
- Report
- E-SERVICES PILLAR: On-Line GRC Services
- PLATFORM PILLAR: GRC Models Repository, GRC Data Repository
- R&D PILLAR: Model transformation, Regulation Engineering, Data Analytics

GRC models approach
- Compliance Reference Model
- Sectoral Model
- GRC Models Repository

Sectoral models approach
- Services
- Capabilities
- Infrastructures
- Competencies
- IT Applications
- Information
- Equipment

How does it work? ISO/IEC 27001 for a data center
1. Compliance Management
   - Specific sectoral model for data center
   - Questions and references
   - Expected results
   - Notices & links to related legal requirements
2. Risk Management
   - Specific catalogue of risks for data center
3. Process Management
   - Specific process model for data center
4. Dashboard & reporting

How does it work? GDPR for a hospital
1. Compliance Management
   - Specific privacy sectoral model for hospital & processing activities assessment
   - Questions and references
   - Expected results
   - Notices & links to related legal requirements
2. Risk Management
   - Specific catalogue of risks for hospital
3. Process Management
   - Specific process model and record of processing activities for hospital
4. Dashboard & reporting

Uniqueness
- GRC & sectoral model based approach
- Collaborative approach to produce and share standardized knowledge
- Gathering different regulators on a single point of exchange
- Interoperability of tools
- Opening data analytics capabilities
- Automation of the implementation of legal requirements

Benefits

Key benefits for the regulated entities
- Facilitating exchange with regulators
- Improving the quality, agility and efficiency in the GRC activities
- Optimizing the multi-regulation reporting

Key benefits for the regulators
- Mutualizing and leveraging the new regulatory technologies adoption
- Improving the quality, agility and efficiency in the regulation activities
- Allowing benchmarking and systemic analyses

Key benefits for the Digital Ecosystem of Luxembourg
- Branding the Luxembourg Digital Ecosystem Trusted Hub
- Increasing the competitiveness and trust of national smart industries
- Pushing a new smart regulatory industry

Challenges
- Extension of the scope of our approach (models & tools) to other regulations, standards, laws
- Development of the data analytics capabilities/skills and exploitation by the regulators and for the regulated entities
- Assistance of the regulators in the model engineering and maintenance and cross regulations models
- Development of the cross services approach: compliance vs risk, risk vs sourcing