Overview

Security and Privacy have become so intertwined and at times interchangeable. For all of you, the challenge is to walk the fine line to ensure security controls are in place to support privacy requirements BUT don’t violate those same privacy requirements. In this series we will discuss the relationship between security and privacy for protecting our employees, clients and business partners.

How do we protect data in accordance with strict regulatory requirements as it moves freely to the cloud and still meet the business requirement that it be accessible anytime from any device? What reportable metrics show we are properly governing data resources?

Security Controls Covered – DLP, Data (Structured & Unstructured) Protection, Data Classification, Obfuscation, Encryption, CASB

Data has been described as the “fuel” for our business engines. Most corporations finally have an appreciation of the value of their data, applications, and information systems. Those same companies are beginning to understand the impact of privacy regulations on how they use that data.

Information security and privacy professionals are working more closely than ever before to ensure data meets both privacy and security requirements. Sometimes they are at odds and other times they are in sync. Our member CISOs need to understand the linkage between privacy and security and implement appropriate controls.

We expect to cover the following topics in this series:

  • Data security & privacy program ownership- who is in charge?
  • Impact of regulations and compliance (GDPR, CCPA, and so many more)
  • Which data and privacy protection solutions are realistic - DLP, encryption, DRM, obfuscation, CASB, and more
  • Challenge of finding, monitoring, and controlling unstructured data
  • Encrypt all of our data- is that enough?
  • The importance of data breach and privacy exercises and table-tops
  • Challenge of managing data as it moves to the cloud and myriad third parties
  • Data governance program structures
  • Consideration for how quickly collected user data can have a privacy impact (eg, fitness data from wearables, not PHI yet but likely to be)

Sponsored by IBM, Varonis, Sentinel One