PrivSec Global

Security functions in some leading organisations are beginning to move beyond just their role as defence mechanism and are defining the role they can play in contributing to the overall strategic vision.

How can security demonstrate its value in executing a winning competitive strategy?

This session looks at the best practice and explores how businesses can leverage cyber security to gain edge.

As the cloud environment continues to develop and new mechanisms are introduced which affect organisations’ strategies, opportunities and risks grow in complexity.

This session discusses likely technical developments and how practitioners can analyse their own processes to ensure they are fully taking advantage of them.

Cyber compliance requirements can vary in complexity and be imposed by law enforcement, regulatory bodies and even industry groups.

This session surveys key regulatory mandates and schemes and ways in which businesses can implement technical controls, policies and procedures based on requirements

The creator of the UK National Cyber Security Centre in 2016, former GCHQ director Robert Hannigan can now give a unique and exclusive perspective on how cyber security threats are developing and how governments and business must evolve their reactions in a constantly changing landscape.

Drawing on industry research, best practices and case studies, we’ll explore why enterprises must address end-of-life data more efficiently and precisely than ever before. We will show you how enterprises can ensure data security throughout the data lifecycle, comply with data protection laws, and align data disposal policies with regulators and environmental goals.

‍
We’ll also look at how to target regulated data within traditional endpoints (including remote workplaces), live environments (onsite or in the cloud) and decommissioned IT assets (drives and devices). You’ll also learn how application integrations and cross-vendor cooperation can help you comply with regulations and secure your data.

‍
Takeaways include:
- Current innovations and best practices for data sanitization in the post-Covid hybrid work environment
- Adequate and inadequate disposal methods for active data and end-of-life IT assets
- How many large enterprises are putting data at risk with current practices
- How data erasure supports environmental stewardship and social responsibility policies
- How to address sensitive data in the cloud (including AWS and Azure public clouds) and overcome data migration “spillage”
- Best practices for automation and integration into third-party asset management solutions like ServiceNow

The subtitle of Misha Glenny’s worldwide best-seller, MacMafia was ‘Seriously Organised Crime’ and this award winning journalist is better placed than anyone to discuss how international criminal organisations are constantly innovating.

In this keynote he draws on his background in geopolitics to show how great power relations are driving insecurity in cyberspace and why companies cannot rely on governments to shore-up their vulnerabilities.

Many organizations struggle with digital transformation and cloud computing particularly when implementing a framework to meet their compliance requirements.  

In this session, we will discuss a framework and operational approach to support you to move your business forward delivering quality services balancing cost and risk.

The deployment of new and cutting-edge technologies like Machine Learning and Artificial Intelligence can help security specialists to analyse and correlate data to identify patterns, scan various risks, gain predictive insights and forecast potential breaches.

But these emerging technologies are also being deployed in adversarial attacks, and increasingly being used to orchestrate sophisticated breaches.

This session covers key trends in this space and explores how businesses can responsibly deploy AI and ML for cyber defence.

For individuals managing third-party risk, there is one primary question that needs answering: Are your vendors safe to do business with? Answering that question is not so straightforward. Third-party risk comes loaded with complexities and compromises. However, there are “red flags” you can look for when evaluating the security, privacy, and compliance programs of your vendors.

One of the world’s foremost experts on how organisations can harness bleeding edge technologies to give themselves competitive edge, Edgar Perez will share his insights into how the world’s leading companies are changing their business models to leverage technical change.

We have seen two years' worth of digital transformation in only a few months. Most of Microsoft's enterprise customers (and even Microsoft itself!) had to quickly transform the way they assess new and complex risks in the wake of remote work.

In this webinar, hear from security and privacy professionals at Microsoft and LTTS on how they are adapting to these changes through new processes and policies, and how technology is helping them manage their risks.

Learn how AI boosts data discovery to manage data governance, data privacy and data protection with simplicity in one platform.

The European Data Protection Supervisor, Wojciech Wiewiórowski will give introductory remarks to the privacy stream of PrivSec Global, discussing the current data protection landscape during uncertain times.

Establishing successful strategies for managing and governing data compliantly can prove difficult even for large, well-established corporations. Global businesses are faced with numerous challenges including increasing volumes of data, dark and legacy data, digital transformation programmes and a desire to exploit the value of data through analytics.

All this sits along-side an ever-evolving data landscape with new regulations coming into force around the globe and increasing pressures to protect and secure data effectively.

The speakers will draw upon their global expertise and industry experience to provide insights on how to optimise your data governance framework, ensure compliance and security risks are addressed, deal with complex data challenges and discuss how technology can be used to accelerate and operationalise change.

This year has been a major one for regulatory change, with major changes in the US, Brazil and the UAE.

But there is much more to come - this panel selects the biggest implications for new regulation 2021 around the world as well as assessing likely enforcement trends in key regions.

Following the Schrems-II decision, organisations are obliged to assess all International data transfers on a case-by-case, to ensure the essentially equivalent standard can actually be achieved. During this panel, we will discuss how organisations can complete a transfer risk assessment and which elements need to be taken into account.

The COVID-19 crisis has hugely accelerated changes in the way society thinks about the basic principles of work.

Where is it done? How are the results delivered to consumers? How are public services created and provided to citizens? How is productivity measured?

All these questions pose huge questions for privacy and security and this panel will explore the key issues, in the short and long term.

After years of political toing and froing, Brexit day had finally arrived on January 31, 2020. With 2021 approaching, the transition phase is slowly coming to an end. But what does Brexit mean for your businesses? If you’re a UK based business that is currently processing personal data, or a business outside the UK that is targeting UK users, then you’re very likely to be affected by the changes.

In this session we will provide an overview of the new regulatory landscape applicable to the UK when it comes to privacy on websites and apps. We will also take a closer look at the latest recommendations of the ICO (British Data Protection Authority) regarding Cookie Consent and Cookie Banners. Furthermore, you will learn what effect the UK’s withdrawal from the EU and the Schrems II ruling will have on data protection and compliance, and what it means for your business.  Finally, we will give you practical advice on what to do to prepare for 2021 and to get your website GDPR compliant.

The growing use of artificial intelligence, machine learning and related technologies will have deep effects on the whole concept of privacy – but beyond the headlines, what does that actually mean in practice?

What should organisations be considering when they invest in technology or use through third parties, in terms both the opportunities and unforeseen risks?

Over the last decade, data has become the driving force behind businesses, economies, and daily life. But sometimes, something as simple as knowing what data you have, and where that data lives within (and outside of) your organization, can be your biggest governance, security and privacy risk. As stricter data laws are enacted across the globe and consumers exercise new privacy rights over their data, it’s more crucial than ever to find the best ways to find, manage, query, and action data.

In this session, we’ll discuss the drivers behind discovery, share real case studies of how companies are managing data challenges, and outline tips on how data discovery can help with compliance.

Daniel J. Solove is the John Marshall Harlan Research Professor of Law at the George Washington University Law School.

He is also the founder of TeachPrivacy, a company that provides privacy and data security training to businesses, healthcare institutions, universities, and other organizations.

Professor Solove has testified before Congress, has contributed to amicus briefs before the U.S. Supreme Court, and has served as a consultant or expert witness in a number of high-profile privacy cases involving Fortune 500 companies and celebrities.

This interview will discuss some of the key data privacy issues across the globe and what’s to come in 2021.

Please check back soon for more information!

The coronavirus pandemic has had seismic effects across society and business as a whole and the challenges it has brought to data protection are huge.

The speed of change required and the unpredictable nature of pandemics had made it a once in a lifetime experience for many practitioners.

This session highlights the key takeaways and considers what the ‘new normal’ really means in practice.

The skills and behaviours that were the foundations of a successful team are never static.

Our panel of some of the most senior privacy professionals share their views on how new challenges will bring the need for changes at all levels of the function.

Over the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they've obtained to corporate computer systems around the world.

Over the last few years, we've observed the ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software.

This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.

Despite worldwide privacy regulations changing and security threats increasing, privacy and data protection programs are still maturing.

The International Association of Privacy Professionals (IAPP) and FairWarning studied over 550 privacy and data protection programs to identify key attributes and habits of mature programs that could be used to help advance organizations' privacy efforts.

This session will review the key findings and takeaways from the study including why data needs to be protected and the organizational benefits, attributes and habits of mature privacy and data protection programs.

By 2024, and estimated 65% of enterprise application will be built using low-code platforms.  Citizen Developers without formal coding experience will be the primary drivers and makes of these low-code applications.  With this proliferation of developers and accelerated delivery of enterprise applications, security and governance becomes paramount to both digital transformation and business success.  How does an organization ensure that all the new applications being created by citizen developers does not lead to shadow IT or lost or stolen critical data.  The Microsoft Power Platform is an industry leading low-code platform serving more than 95% for the F500.  

This talk will demonstrate how the Power Platform and how Microsoft help organizations balance the growth and creativity of citizen developers who help lead an organization’s digital transformation while maintain corporate governance and security protocols. Low-code platforms will be the foundation and bedrock for organizations in the coming years, and the framework and tools need to govern and secure this new paradigm will be crucial for every business.

Privacy by design won’t work without it being based on a strong and sustainable culture which is cross-functional and supported by the top of the organisation.

This panel discussion will look at the practical issues of building a culture of privacy, how to keep it alive over time and how you can measure its effectiveness.

Promoting a culture of trust that strengthens your brand both internally and externally is no easy feat. Identifying, monitoring and mitigating risk across your business and third parties, as well as creating policies, procedures, and codes of conduct across different stakeholders and business units requires ethics to be placed at the center of an organization's practices. In this session, we will discuss the practicalities of building an ethics and compliance program, examining key issues around whistleblowing, third party due diligence, data risk management, and awareness training.

This panel session will take a global perspective on the development of track and trace in response to the global coronavirus pandemic, including evaluation results of 50 contact tracing apps from 31 countries.

Panellists will examine the notion of privacy from a cultural perspective and evaluate frameworks, including privacy risk factors and privacy-preserving features.

With the ever-increasing use of data and number of digital threats to organisations, data breaches are unfortunately commonplace. With more staff working from home increasing the threat of a breach, organisations more than ever, need to ensure the appropriate security measures in place.

This panel session will look at some of the most significant breaches from across the world, reputational constraints, risk factors, and best practices in preventing and handling a breach.

The UK Data Protection Index was launched by the Data Protection World Forum and The DPO Centre at the end of July, and is based on an anonymised survey of a panel of UK data protection and privacy professionals.

The survey runs every quarter and overtime will build a unique picture of the profession and its views.

This panel will be discussing the results of the latest index survey, covering a diverse range of subjects including professional development, Brexit and the impact of the coronavirus pandemic.

How can an organisation effectively measure its performance in terms of GDPR compliance, and identify those areas which require most attention.

In this highly practical session leading privacy practitioner Steve Wright explains how his GDPR Maturity Framework can be used as a tool to benchmark performance and will provide practical, pragmatic and relevant examples of where countless organisations fail or are often weak.

This proven methodology is now used by organisations around the world looking to improve, or in some circumstances, build the business case for more resources or greater budget and this leading industry benchmark capability.

Many organizations have accelerated the adoption of cloud services to meet the increased demand for flexible working. This has required a shift in the policies and controls required to effectively maintain security and productivity, to empower people to work from anywhere.

At the same time, the regulatory environment is constantly evolving with new data privacy, security and governance regulations appearing globally, regionally, and locally.

This session will explore the transformation on data protection and privacy controls, and consider priority areas to ensure data privacy and corporate data is protected in a modern digital estate.

How do we enable compliance and privacy in the shared responsibility model of cloud? How do we enable that with information protection? And how can we leverage threat protection to enable us to conduct business with confidence.

David Rowan was Editor-in-chief of the UK edition of WIRED magazine from launch in 2009 to February 2017 and is the. author of ‘Non-Bullshit Innovation’,

Recent keynote talks have included events for banks, governments and Fortune 100 companies, and recent stage interviews have ranged from will.i.am to James Murdoch and David Cameron.

Andrea Jelinek, Chairwoman, European Data Protection Board, Head of the Austrian Data Protection Authority discusses the current data protection landscape in Europe and beyond with President of the National Association of Data Protection Officers, Stewart Room.

It starts with data, it’s no longer an outcome of what we do. When we look back, we amass loads of “history” of things, now we leverage that history to define how and what we do. Hence the adoption of data lakes, IoT, and the commonly held view of data is more valuable than oil. Embracing data helps us make better decisions, delights our customers, delivers growth, and safeguards our business. Safeguarding your business is no longer about just placing firewalls, VPNs, and endpoint protection. You need to know what you’re protecting, otherwise you’re at risk.

In our ongoing series on diversity in the data protection profession, we bring together a varied group of practitioners to discuss how to translate theory (it’s a good thing to do) into practice (it’s a thing done well).

In this session, Scott Skinner Thompson, author of the new book ‘Privacy at the Margins’,  will highlight how different marginalized groups are uniquely harmed by privacy violations and will explain the legal relationship between private-party surveillance and government surveillance.

In addition, Scott offers suggestions as to why industry and government should give particular solicitude to the privacy of vulnerable groups.

53% of countries will have GDPR-like regulations within the coming two years. With increasing complexity and change across regulations, organizations need to ensure privacy remains top of mind and is not just seen as a cost center. This means moving from reactive to proactive approach by holding employees accountable, driving policy awareness and automating polices thus increasing productivity. Hear how Microsoft was able to realize competitive advantage through implementing privacy regulations and going beyond GDPR and CCPA.

In this session, Phillipa Leighton Jones, Editor at Large, The Trust at The Wall Street Journal | Barron's Group will interview Rudra Mitra, Vice President Product, Microsoft 365 Security and Compliance at Microsoft. Tune in to hear about how trust in technology has become an issue of paramount importance and key trends in productivity, security, protecting data and being privacy compliant.