Agenda

PrivSec Global brings together leading experts from around the globe, for a 3-day digital experience that ensures attendees have access to the latest information, guidance and advice on data protection, privacy and security.

PrivSec Global returns on 22-24 June, and will once again deliver a carefully curated agenda that taps into the expertise of subject matter experts, industry leaders, visionaries and academics.

Session times shown below in Greenwich Mean Time Zone (GMT). All sessions will be recorded and available on-demand.

Agenda Themes at PrivSec Global:

Digital Transformation

The global pandemic has had a huge impact on every facet of our lives, but one area of business dramatically accelerated was Digital Transformation - whether it be the new normal of working or 5G implementation, this faster processing of DT was going to face regulatory requirements and challenges and demand more from their data protection and cybersecurity teams. PrivSec Global will explore topics including the importance of back-up, and whether more regulation will damage the new pace of change.

Diversity and Inclusion

GRC World Forums and PrivSec Global are proud to be producing more and more content on DEI, but this is not something that is going to be solved overnight by a panel, a spreadsheet and an email.  But, we must keep talking as it will only be through conversation and debate that we will find the solutions to take society forward.  We stand together, within a community of like-minded professionals who care about Diversity, Equity and Inclusion in all that we do - our panels will deep-dive into why diversity matters, underlying racial biases in society and AI/ML, data ethics, and data collection and usage within the workplace.

Politics, Economics and Social

PrivSec Global will always endeavour to be at the forefront of the political, economic and social issues of the day, relating to Data Protection & Privacy, Data Security and Data Governance.  Whether it be Vaccine Passes, Environmental, Social and Corporate Governance, Facial Recognition or the constant challenges surrounding Russian Cybersecurity initiatives, our agenda and thought-leaders will disclose their thoughts and predictions during lively debates on these vitally important topics.

Regulatory Developments

All of the sectors within PrivSec Global, whether it be Data Protection and Privacy, Data Security, or Governance Risk & Compliance, are deeply affected by regulations and their developments over time. PrivSec Global is a livestream experience providing a platform for thought-leaders, vendors and our delegate audience to converse on regulations in Europe, the Americas, The Middle East, Africa and Asia Pacific - from LGDP in Brazil to the upcoming enforcement of POPIA in South Africa.

Third Party Risk Management

Risk is at the heart of everything that companies do, and Covid-19 has put an increased spotlight on Third Party Risk Management.  Whether it’s interaction with regulations such as GDPR, the increased requirement for more cybersecurity expertise at board level, or regulatory developments impact upon vendor risk management, PrivSec Global will highlight the challenges through case studies and endeavour to explore options and solutions.

Trust

Slowly, but very surely, becoming one of the more important words in the Data Protection & Privacy, Data Security and Governance sectors.  No longer whispered in undertones, enterprise organisations realise that a roadmap that includes trust and transparency builds a stronger relationship with their clients and consumers, which results in more success, more notoriety and more ROI.  PrivSec Global will touch upon some of the most important subjects such as Data Transparency, Effective Zero Trust, Privacy Policies, Online Privacy for Children and Biometric Privacy in the Advertising Industry.

Stream 1

7:00 am

Internal Threats: Top Threats to your IT Security and how to Address Them

From employees accidentally clicking on malicious links, to sabotage, theft of data and unauthorised access, companies have plenty of potential insider cyber security threats to consider. But how can organisations ensure their cybersecurity defence methods are robust enough to cope? This panel will look at some of the most common internal threats and what is needed to ensure your practices are safe and effective.

8:00 am

GDPR Requirements and Digital Transformation

Digital technology is transforming the way businesses operate around the world and data has never been able to be shared so quickly and easily in real time. However, the General Data Protection Regulation requires data usage to be lawful, fair and transparent, with strict requirements to minimise and limit the purpose of data. This session will discuss the challenges for GDPR compliance thrown up by the digital revolution.

11:00 am

Environmental, Social, and Corporate Governance: Why a Privacy-Focused Company is a Sustainability-Focused Company

Holding less data means less storage, less power usage and this is better for the environment.  In short, be lean with data, less power, more profit, better for the environment.  This panel will discuss the many links between a organization's focus and spend on Data Protection & Privacy and their strategy on sustainability, the environment and social governance.

12:00 pm

Schrems II and International Data Transfers: The Journey to a new Privacy Shield and Who Is Leading the Way

Companies are still feeling the impact of the European Court of Justice decision last July that torpedoed the Privacy Shield, raising huge question marks about the future of international data transfers between the EU and US.  This panel will look at what may rise from the ashes of the Privacy Shield, which was being used by more than 5,000 participants at the time of the ruling. Are standard sub contractual clauses the answer? Will diplomacy and a new administration in the White House provide a new solution?

2:00 pm

Third Party Risk Management Ownership and Centralized Risk Assessment Exchanges

Third party providers and suppliers sometimes have access to your organisation’s intellectual property, data, financial, and other sensitive information and custom details. Managing this risk can be complex and onerous. This session looks at how centralized risk assessment exchanges can help ensure vendor risk assessments are completed swiftly, accurately and efficiently.

3:00 pm

Preparing Your Organisation for the Quantum Computing Revolution and the Data Protection/Security Challenges

Quantum Computing offers great opportunities, but with these advancements come challenges against the current norms of Data Protection & Privacy and Data Security.  For example, Quantum Computing can dramatically speed up the process to factor large prime numbers, but these very same primes underlie data transfers and security arenas.  This panel will explore the many ways an organization can prepare for Quantum Computing, such as investment and environmental infrastructure, looking at case studies and global experience to discuss the challenges, but also successes, that lay ahead.

4:00 pm

Vaccine Passes: The Tech, The Law and the Importance of Data Protection and Privacy

This panel brings together leading experts in the technology, law and travel industry in relation to Vaccine (or Health) Passes.  The debate will explore the tech and the importance of these passes to our World in this new normal, the law around these to inform our communities and dispell myths, and thought-provoking input from the travel industry about how this technology can help the World to travel again.

5:00 pm

Why More Organizations Should Prioritize their Data Retention Policies?

The results are in!  Prioritizing your data retention policies leads to improved compliance, reduced spending resulting from less data, and simplified DSAR and Discovery responses as well as reducing the risk of data loss.  This panel will explore case studies as to why more organizations are not utilizing their data retention strategies, how they can develop and prioritize their usage and ultimately, see the benefits.

6:00 pm

Diversity and Inclusion in the Data Protection & Privacy Sectors

A lack of representative diversity and unconscious bias in recruitment plagues all sectors and data protection and privacy are no different. In this session we will look at the efforts being made to make the industry more inclusive and what organisations can do to play their part.

Stream 2

7:00 am

How to Prevent Credential Stuffing Attacks While Managing Risk and Trust

Credential stuffing is a brute force attack that can be low-risk, high-reward for cyber criminals. This panel will debate the defence techniques that can be used to guard against this threat.

8:00 am

Effective Zero Trust: How Zero Trust Can Help Secure Your Business

Zero trust can deliver greater security, less demanding workloads, reduced IT complexity and can be used to improve data protection and user experience. This session will look at how zero trust can be utilised in the most effective way.

9:00 am

Third Party Risk Management under GDPR: Ownership and Risks, Fines and Solutions

Data breaches via third parties are a growing problem for GDPR compliance. This session will discuss the ways in which you can protect your organisation against third party risk and how to respond in the event of a breach via a third-party relationship.

10:00 am

Regulatory Developments: POPIA and the Principles of Enforcement Action

South Africa’s Protection of Personal Information Act (POPIA) comes into enforcement from 1st July 2021.  This panel will discuss the forms in which it is likely enforcement will happen, assessing the triggers, exploring the history of what regulators look for, and what the implications are for South Africa.  Leading experts will forecast whether the regulators will be strict or reasonable as the law comes into enforcement, and debate the challenges ahead.

11:00 am

Diversity and Inclusion: Women in Cybersecurity: Why Diversity Matters

Recent research by Tessian found that a higher proportion of young men were likely to consider a career in cyber security than young women. This panel will look at ways we can, together, make the cybersecurity industry more attractive to women and how greater inclusion and diversity can help improve workplaces while tackling the cyber skills gap.

12:00 pm

How to Secure Your Cloud Environment and Protect Your Data

With the increase in remote working due to the Covid-19 pandemic, businesses have a strong incentive to implement cloud migration. But how do you ensure your data is protected? This session will look at everything from backup techniques, to different kinds of passwords and authentication.

1:00 pm

Why the Future of Trust Must Be Built on Data Transparency

As organizations invest more in Data Protection & Privacy, and regulators increase their scrutiny, this is a perfect moment in time for increased data transparency.  Companies can reveal more of how they use data, plus giving the end user more control and access.  This webinar will why trust and data transparency must go hand-in-hand and what the future heralds if more organizations follow this path.

2:00 pm

Risk Assessments of Fast-Tracked Digital Transformation and the Importance of Back-up

Digital transformation is happening rapidly, but businesses have to be extra careful not to put their digital assets at risk. This panel discusses how back-up policies can play a key role in ensuring transformation does not lead to data loss.

3:00 pm

Managing Employee SARs Using eDiscovery in a Covid-19 World

Organizations have seen some of the greatest staffing challenges over the last 18 months due to the pandemic - illness, furlough, redundancy and fulfilling mandatory SAR deadlines just some of the examples.  Utilizing eDiscovery to identify, collect and produce electronically stored information, as part of your SAR process, will speed up resolutions, reduce expenditure and mitigate the risks.

4:00 pm

Americas Focus: Caribbean Data Protection & Privacy Regulations

The Caribbean has seen critical issues in regard to its data privacy regulations and has been slow in adopting comprehensive laws that provide formal legal structures for data transfers and protection. Currently, fifteen privacy laws have been passed, with Jamaica being the most recent by passing its Data Protection Act, 2020. The Government of Trinidad and Tobago are currently amending their own privacy law in accordance with the GDPR. This panel will discuss the future of the Caribbean’s Data Protection Regime and the possibility of a collaborative regional approach towards data protection, as well as harmonisation with international standards.

5:00 pm

Americas Focus: USA and the Developing Nature of Privacy Law

The patchwork nature of privacy law in the United States is getting ever more confusing, as different states pass their own pieces of legislation. This panel will discuss where this is all heading and gauges the prospect of an all-encompassing federal privacy law.

6:00 pm

Americas Focus: LGPD

Lei Geral de Proteção de Dados (LGPD) is Brazil’s federal data privacy law that went into effect on September 18, 2020, with enforcement starting on August 1, 2021. With Brazil being a key market in Latin America for big US tech companies, the LGPD has been a positive move forward for Brazil’s legal privacy framework. This panel will discuss how companies can best prepare for compliance with the LGPD as well as its extraterritorial impact.

Stream 1

7:00 am

Third Party Risk Management: Cybersecurity Expertise into Board Governance and a Company's Digital Defense

As companies the world over grapple with the rising cyber security threat, is it now time to have a director in charge of cybersecurity in the boardroom? If so, how do you ensure you find the right person. This panel discusses whether cybersecurity at board-level would help strengthen the digital defence of companies.

8:00 am

Privacy Culture Panel: Workforce Survey Results and Discussion

A landmark employee survey, developed by Privacy Culture, seeks to understand employee attitudes, knowledge and behaviour towards data privacy and protection. In this session you can hear the latest results from the research and debate about current data protection workforce sentiments.

9:00 am

Regulatory Developments: POPIA and the Transition from Non-Regulation

From 1 July, businesses will have to comply with South Africa’s Protection of Personal Information Act (POPIA). This comprehensive legislation marks a sea change in the way businesses are regulated for data protection, including introducing a requirement to report data breaches. This panel will discuss how businesses can make the transition needed in order to comply with the new legislation.

10:00 am

Managing Cybersecurity in Digital Transformation Projects

Design and technology projects can involve heavy use of IT software by a wide group of people, making them a potential target for cyberattackers. This panel will discuss ways in which the potential risks can be mitigated.

11:00 am

Trust: Why Companies Need Simplified Privacy Policies?

GDPR requires communications to data subjects to be “concise, transparent, intelligible and easily accessible”. Despite this many privacy policies are still complex and text-heavy. This panel will discuss the benefits of keeping policies short and simple and ways to ensure brevity while still meeting all the compliance requirements.

12:00 pm

Multi-Factor Authentication and the Roadmap to an Organisation's Increased Security

Multi-factor authentication is becoming more widespread as a key tool in the cyber security armoury. This panel will look at the role this authentication method can play in organsiations’ security strategies and how challenges to implementation, including cost, equipment and knowledge constraints, can be overcome.

1:00 pm

UK Data Protection Index panel

The UK Data Protection Index, produced by Data Protection World Forum and the DPO Centre, each quarter gives us a glimpse into the changing attitudes and sentiments of Data Protection Officers. The panel of 334 DPOs are quizzed every three months on the same set of questions, allowing us to track shifting sentiments. New questions are also added each quarter in order to gather insight into DPOs’ views on the very latest topics. In this session the panel will discuss some of the more eye-catching findings from the latest UK Data Protection Index report.

2:00 pm

Artificial Intelligence: How Secure are your ML and AI projects? OR AI Security: How Human Bias Limits AI

We are on the cusp of an Artificial Intelligence and machine learning revolution, with Juniper Research forecasting a quadrupling of regtech spending globally by 2025 as a result. As companies look to technological solutions, this panel looks at the potential risks to security and what can be done to mitigate them. The session will also debate the limitations of Artificial Intelligence if human bias affects the data sets used.

3:00 pm

Email Security: Why do We Still Click on Malicious Links?

It is often said that humans are the weakest link when it comes to cyber security and the use of malicious emails, particularly in phishing attacks, remains a common weapon of choice for hackers. This panel will discuss why employees are still prone to clicking on dangerous links and what businesses can do, whether through training, awareness, better protocols or software investment, to get on top of the issue.

4:00 pm

Diversity and Inclusion: AI, ML and Data Ethics

Artificial intelligence and machine learning are increasingly being seen as a holy grail for enabling regulatory compliance, particularly for larger companies. However AI and ML rely on huge amounts of data to operate effectively and what happens if the data used to train the machine includes bias? This session will talk about the dangers of conscious and unconscious assumptions about race and gender and other concepts creeping into data sets and how this risk can be mitigated.

Stream 2

9:00 am

Middle East and North Africa Focus: Data Protection and Privacy Regulations Across the Region

Across the Middle East and North Africa (MENA), data protection legislation is still in its infancy, but where data protection laws do exist, enforcement is problematic. A 2020 survey suggested that over 40% of companies in MENA are facing regulatory investigations due to poor integration of technology. This panel discusses how the MENA region can ethically manage data in the wake of rapid transformation.

10:00 am

Middle East and North Africa Focus: A Geography Ripe for Change, or Will the Sectors Stagnate?

According to a Consumers International briefing, 60% of the people of the Middle East and North Africa are aged under 30 and use of technology is rapidly growing (71% of people are now online, compared to 39% in 2012).  But, are Data Protection & Privacy Regulations growing at the same rate to support this society that has an appetite for change, but also concerns about their data.  This panel will explore where more change is required and discuss the future roadmap for regulation in the region.

12:00 pm

Cloud Security: Best Practises in Managing Risk, Access and Visibility

There are a number of best practises, from applying data protection policies to setting limitations on how data is shared, that will enable more efficient Cloud Security - a panel of experts will discuss case studies, and educate on how these steps can be taken in good order to ensure data protection and security are upheld.

1:00 pm

Phishing Prevention Plans and Staying One Step Ahead of Cybercriminals

According to the FBI, phishing was the most common type of cybercrime in 2020 and nearly doubled in frequency to 241,324 incidents last year. But why are criminals increasingly looking to phishing to carry out attacks. This panel will examine the phenomenon and look at what organisations and businesses can do to strengthen their defences.

2:00 pm

WFH and Data Protection: The Increasing Impacts of Covid-19 and What Comes Next?

The Covid-19 pandemic and the lockdowns around the world prompted businesses to put in place systems to allow employees to work from home. As restrictions in many parts of the world are now easing, there is a mixed picture about what happens next. Some businesses are keener than others to get employees back into the office, but for most some kind of hybrid approach looks inevitable. This panel will look at what this all means for data protection.

3:00 pm

Data Breaches: It Does Happen to Every Company, It Does Happen All The Time, and It Is a Big Deal

Incidents and data breaches are increasing year-on-year.  As regulatory scrutiny also grows, alongside the publicity of breaches and emerging private right of action, why do many organizations still treat data breaches as rare events, using ad hoc process, on-the-fly communication and cobbled-together toolsets.  There is a better way!

4:00 pm

Privacy Program Management panel: Building a Privacy Culture Within Your Organisation

There is no short term fix when it comes to Privacy Program Management (PPM) - it is always ongoing and always contains a transparent set of standards and operational controls to help each step of privacy program development.  This session will explore the goals of PPM, the framework of standards and controls and the steps that need to be taken to instill a Privacy Culture within your Organization.

5:00 pm

What Happens After Third Party Cookies?

The death of the third-party cookie has been widely reported, but what comes next? Rising consumer expectations and changing legislation has meant that the global privacy ecosystem is quickly evolving. With Google's efforts to phase out third-party cookies on Chrome browsers by 2022, there is still a lot to be said on how marketing and advertising organisations can prepare for the changes.

Stream 1

7:00 am

What Do Hackers Have Against the Healthcare Sector?

The past year has seen an upsurge in attacks against hospitals and other healthcare institutions. This panel will discuss the reasons why hackers are seeking to exploit this sector and what healthcare providers can do to ensure their defences are robust.

8:00 am

Diversity and Inclusion: Workplace, Data Collection and Usage

Embedding diversity and inclusion consideration in all working practices is rapidly being seen as a must by businesses. This panel will look at the factors organisations should consider when formulating their data collection and usage policies to ensure a diverse and inclusive workplace.

12:00 pm

Divergence in GDPR and the Financial Services Industry

The patchwork nature of data protection regulations across the world creates a particular challenge for financial services firms operating overseas. This panel discusses how this, and divergence from GDPR, can be addressed.

1:00 pm

How Do Data Protection Regulations Apply to AI and is GDPR Ready for Facial Recognition?

This panel will explore the relationship between Artificial Intelligence/Machine Learning and Data Protection Regulations, as well as discussing some of the most important points in relation to GDPR and Facial Recognition.  

2:00 pm

Confidential Computing: The Next, Great, Development in Data Protection

A recent IBM IBV study said 74% of CEOs think adoption of cloud will be critical for their businesses in the next two to three years. Cloud migration, however, brings a higher risk of data exposure, making cloud security a critical issue for businesses, post-pandemic. This panel discusses the potential of confidential computing in enabling businesses to process sensitive data in a hybrid cloud without compromising consumer privacy or security.

3:00 pm

Improve Your Compliance and Reduce Expenditure: Data Retention Done The Right Way

Why do most organizations fail to make their data retention policies operational?  A strong Data Retention Policy will provide benefits across legal and compliance activity, and reduce costs as well.  Less data means fewer costs - Data Retention improves compliance, not just with retention regulations, but privacy as well.  It can simplify DSAR and Discovery responses and reduce the risk of data loss.  Doing data retention the right way will improve your organization’s compliance and generate tangible results.

4:00 pm

Where Does a CISO's Role Go From Here?

Sudden digital transformation has put the role of the CISO in the spotlight with many in the cybersecurity industry suggesting that the title has become overused. Others may associate the role of the CISO as being innovation or cloud averse. This panel discusses what is next for the CISO as the role continues to adapt with the industry.

Stream 2

7:00 am

Building Security Teams panel: The Increasing Importance of DEI in the Recruiting Process

There has been much written about recruitment issues in cybersecurity, whether it be a cyber skills gap or retirees taking their expertise with them.  Could an increased focus on Diversity, Equity and Inclusion in the recruiting process be a weapon in the armoury against these tides?  A panel of experts in recruitment and DEI will discuss these questions and more.

8:00 am

APAC Privacy Focus: China - their own internal regulations, what’s coming, and how do they relate to China’s neighboring countries

As DLA Piper confirm, "...a draft PRC Personal Information Protection Law (Draft PIPL) was published for consultation [in Oct 2020]. If passed, the Draft PIPL would be the first comprehensive national level personal information protection law in the PRC, creating binding compliance obligations previously considered recommended practice (under the Guidelines), and requiring organizations to comply with new compliance steps.".  A panel of experts will discuss this draft law, how will this relate to China's neighbours and what the future may herald for Chinese Data Protection and Privacy.

9:00 am

APAC Privacy Focus: When Will the Big Fines Begin to Happen?

Between 2019 and 2020, a number of countries across Asia developed their Data Privacy Laws - Singapore, China, Thailand, Sri Lanka, India, Hong Kong and Japan.  With more regulations, come more fines.  Bigger fines.  This session will explore some of these regulations, recent fines and the future.

10:00 am

APAC Privacy Focus: Hong Kong and their Personal Data (Privacy) Ordinance; amendments and the focus from China

As the PCPD website states, "The Personal Data (Privacy) Ordinance (the "PDPO") was passed in 1995 and took effect from December 1996 (except certain provisions). It is one of Asia’s longest standing comprehensive data protection laws."  This webinar of experts will discuss the present climate, recent and forecast amendments to the ordinance, and explore the focus from the mainland as they develop their own internal regulations.

11:00 am

Has Homomorphic Encryption Finally Reached Maturity?

Fully Homomorphic Encryption may offer businesses the chance to draw value from data with it remaining encrypted, providing a potential solution to decreasing the amount of data compromised by cybercriminals. This panel discusses how close we are to practically integrating a disruptive technology like FHE to effectively manage cloud-based data without compromising privacy and security.

12:00 pm

Data Masking panel: Improving Data Protection and Compliance

This panel will explore the reasons why Data Masking is an important tool for enterprise organisations, from its solutions to multiple critical threats to allowing authorized users to share data without exposure.  It will discuss case studies, with high-end thought leaders offering their insights into the current technology, as well as forecasting the future of Data Masking's relationship with Data Protection and Compliance.

1:00 pm

Retail and Data Protection & Privacy panel: The Future of Consumer Data Privacy

The tech market is showing that it is getting more serious about consumer data privacy, with a new wave of privacy restrictions on the horizon. Apple’s announcement to adapt its “Identifier for Advertisers” mechanism sent shockwaves through Silicon Valley, rewriting and leaving gaps in the advertising ecosystem. This panel will discuss these gaps and how organisations handling consumer data can manage the emerging risks.

5:00 pm

Will More Regulation Spoil Digital Transformation?

Digital Transformation projects have had to be accellerated in 2020/1 due to Covid-19.  As this occurs, there are increasingly diverse and altering Data Protection regulations to take into account.  This session will explore these challanges, case studies and best practises offering insights in this important balance.

6:00 pm

VC panel: 4 start-ups and a VC

4 pre-seed funding start-ups will discuss the challenges and early successes of their companies, presenting their hopes and fears, with an established VC who can offer guidance and experience on the mountains and valleys ahead.