IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

Similar documents
Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Turning Risk into Advantage

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Introduction. When it comes to GDPR compliance, is OK for now enough? Minds made for protecting financial services

Emerging Technologies The risks they pose to your organisations

Demonstrating data privacy for GDPR and beyond

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

Improve the User Experience on Your Website

BREAKING BARRIERS TO COLLABORATE WITH THE C-SUITE

Cybersecurity. Securely enabling transformation and change

Citation for published version (APA): Berthing, H. H. (2014). Vision for IT Audit Abstract from Nordic ISACA Conference 2014, Oslo, Norway.

Securing Your Digital Transformation

BHConsulting. Your trusted cybersecurity partner

GDPR: A QUICK OVERVIEW

Building YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

SECURING THE DIGITAL ECONOMY. Reinventing the Internet for Trust

Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,

SOC for cybersecurity

Cyber Security is it a boardroom issue?

Build confidence in the cloud Best practice frameworks for cloud security

Risk Advisory Academy Training Brochure

Run the business. Not the risks.

Data Management and Security in the GDPR Era

ISO 27001:2013 certification

Governing cyber security risk: It s time to take it seriously Seven principles for Boards and Investors

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

MITIGATE CYBER ATTACK RISK

BHConsulting. Your trusted cybersecurity partner

EY s data privacy service offering

Modern Database Architectures Demand Modern Data Security Measures

Avanade s Approach to Client Data Protection

SELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats

How Secure is Blockchain? June 6 th, 2017

IT Consulting and Implementation Services

COBIT 5 With COSO 2013

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

CFOs in a new global environment Sandy Cockrell, Deloitte

Security and Privacy Governance Program Guidelines

Angela McKay Director, Government Security Policy and Strategy Microsoft

13.f Toronto Catholic District School Board's IT Strategic Review - Draft Executive Summary (Refer 8b)

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

A SERVICE ORGANIZATION S GUIDE SOC 1, 2, & 3 REPORTS

Cognizant Cloud Security Solution

Agile Master Data Management TM : Data Governance in Action. A whitepaper by First San Francisco Partners

A Framework for Managing Crime and Fraud

Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation

The value of visibility. Cybersecurity risk management examination

THALES DATA THREAT REPORT

Public Sector Cyber Security Series

A Global Look at IT Audit Best Practices

The State of Cybersecurity and Digital Trust 2016

INSIDE. 2 Introduction 15 Conclusion 4 Cyber: A Top-of-Mind Concern A Message From Morrison & Foerster s Global Privacy & Data Security Chair

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Developing your GDPR response for competitive advantage. EU General Data Protection Regulation (GDPR)

Big data privacy in Australia

PROTECT YOUR DATA AND PREPARE FOR THE EUROPEAN GENERAL DATA PROTECTION REGULATION

Global Information Security Survey. A life sciences perspective

GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES

Data Privacy in Your Own Backyard

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Incident Response Services

The Windstream Enterprise Advantage for Banking

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Getting Your Privacy House in Order

Better skilled workforce

Customer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach

2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers

Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m.

AT&T Endpoint Security

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Cyber Risk and Networked Medical Devices

Enhancing Security With SQL Server How to balance the risks and rewards of using big data

Three Key Challenges Facing ISPs and Their Enterprise Clients

GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

Powering Resilience. Keep your business on 24/7. Proposition series September 2017

Cybersecurity Protecting your crown jewels

Preparing your network for the next wave of innovation

The New Healthcare Economy is rising up

The Fine Art of Creating A Transformational Cyber Security Strategy

GDPR: An Opportunity to Transform Your Security Operations

IDC FutureScape: Worldwide Security Products and Services 2017 Predictions

CISO View: Top 4 Major Imperatives for Enterprise Defense

Achieving effective risk management and continuous compliance with Deloitte and SAP

SPEAKER S BIO. Abhishek Agarwal, CIPP/US, Chief Privacy Officer at Baxter International

2015 VORMETRIC INSIDER THREAT REPORT

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

NERC Staff Organization Chart Budget 2019

SOLUTION BRIEF Virtual CISO

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

2018 Edition. Security and Compliance for Office 365

General Data Protection Regulation (GDPR) The impact of doing business in Asia

CYBER INSURANCE: MANAGING THE RISK

IT Audit Process. Prof. Mike Romeu. January 30, IT Audit Process. Prof. Mike Romeu

RED HAT ENTERPRISE LINUX. STANDARDIZE & SAVE.

Evaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Transcription:

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data use beyond the compliance lens: How are business, individuals and societal expectations changing Broader stakeholders and interest Why and how companies can establish nimble methods that incorporate information security, privacy, ethics and fair data use into innovative product and service design

Today s Panel Toby Spry Director, PwC Cybersecurity & Privacy Toby works with companies to help them design, implement and operate privacy programs in which the personal information they collect is handled in a manner that s consistent with its privacy commitments and maintains trust and transparency with its customers. Toby works closely with CPOs, General Counsels, Chief Marketing Officers, CISOs, and Product & Engineering teams to collaborate on strategies to create and improve their enterprise-wide privacy programs. He also advises Chief Audit Executives and Chief Compliance Officers on their programs to continuously monitor, audit, and improve companies existing data protection and privacy programs. Peter Cullen Privacy Innovation Strategist Peter currently serves as a Privacy Innovation Strategist with PwC, helping a broader set of clients understand the future of new information use risks and the risk solutions they will need. Peter provides strategic leadership to organizations, helping them leverage big data information use to achieve business value and differentiation, as well as advance their reputation and image. He brings over two decades of expertise in corporate governance, privacy and risk management as well as extensive background in building sound organizational practices. Barbara Lawler Chief Privacy Officer, Intuit Barbara is an experienced business and privacy leader who has successfully designed and implemented marketleading global privacy programs. As CPO for Intuit, she engages directly with product and technology leaders in product development, data science, digital marketing and customer care to design and drive great customerfocused strategies, products and experiences through the impactful and responsible use of their own data. Troy Sauro Senior Privacy Counsel, Google Troy works in the Google legal department as Senior Privacy Counsel, where he provides legal and regulatory counsel on privacy compliance to the teams that develop and run Google's services. He also represents Google in front of regulators, advises the company on its development and ongoing maintenance of Google s internal compliance program, and helps manage the company s product privacy review process and data protection tools.

Big data, Big opportunities, Big risks 68% of CEOs see data and analytics technologies as generating the greatest return for stakeholder engagement.¹ However; as big data, cloud computing and the Internet of Things become even more important in modern business, organizational capabilities to manage the risks around data use must keep pace. 81 percent of executives agree that as the business value of data grows, the risks companies face from improper handling of data grow exponentially ² 81% The median Fortune 1000 company could increase its revenue by more than $2 billion a year if it increased data usability by just 10 percent.³ $2b ¹ PwC 19 th Annual Global CEO Survey (January 2016) ² Accenture Technology Vision Survey 2016 ³Source: http://www. forbes.com/sites/homaycotte/2014/12/04/convince-your-team-to-buy-in-to-a-big-data-solution-asap/

The privacy/data use opportunity it s bigger than legal compliance so are the market pressures Organizations are experiencing elevated privacy risk across the three threat vectors described below. Global Data Revolution 75% 24b Companies funding Connected devices IoT initiatives in 2015 by 2020 1000% Growth of global data by 2020 The data revolution is outstripping our clients governance capacities to manage data-use risk. As clients aim to establish more connectivity to consumers using advanced tracking and predictive analytics, they ve never been more at risk of deploying uses of data that revoke public trust in their brands. Europe s Privacy Crisis U.S. clients continued ability to operate in Europe will depend on demonstrating the strength of their privacy controls to EU business customers and regulators. EU mistrust in U.S. government surveillance has spurred landmark court decisions and regulator enforcement plans. $4b 500m Potential EU privacy fine on a company with $100b revenue EU citizens empowered to file privacy complaints 28 EU privacy authorities ramping up enforcement U.S. Privacy Enforcement $1b 350 Privacy fines and damages is sued in the U.S. Privacy audits U.S. HHS to conduct in 2016 1100 Privacy clas s - action laws uits in U.S. courts Relatively minor gaps in U.S. privacy controls can result in substantial privacy fines, penalties, and damage awards. To mitigate this risk, companies in all industries need an end-toend privacy program overhaul throughout the personal-data lifecycle.

Business Case for Data Use (Privacy) Governance The explosion of data collection and use has resulted in increased risk; however, when combined with the changing business, individual and societal expectations of fair and ethical data use, the controls in place to manage these risks have not kept pace. Data used to drive new products, new services, new personalization & insights Core product offering, various PII plus multiple data sources, analytics & personalization Core product Risk Gap offering, various PII plus personalization & consumer choice Core product offering, limited PII The corollary: As organizations use more data they can realize investments in both their data quality and security of that data have also not kept pace with their growing needs. Expectation of fair & ethical data use

Key Questions Why, what, and where is there a market shift on privacy expectations? How are ethics or fairness affecting innovation and data use? What does this mean for organizations? For consumers? How does this impact areas such as Information Governance, Risk Management, Product Design & Delivery? Do we need new models or can we adapt existing approaches? How are leading organizations evolving their practices how are they integrating changing business, individual, and societal expectations into product and service design? Time for your questions

Panel Discussion Toby Spry Director, PwC Cybersecurity & Privacy Barbara Lawler Chief Privacy Officer, Intuit Peter Cullen Privacy Innovation Strategist Troy Sauro Senior Privacy Counsel, Google

Audience Q&A

HOW DID THINGS GO? (WE REALLY WANT TO KNOW!) Did you enjoy this session? Is there anyway we could make it better? Let us know by filling out a speaker evaluation. Start by opening the IAPP Events App. Select this session and tap Click the following link for speaker evaluations. Once you ve answered all three questions, tap Done and you re all set. Thank you!

THANK YOU At PwC, our purpose is to build trust in society and solve important problems. We're a network of firms in 157 countries with more than 208,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com. 2016 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback