Agenda

PrivSec Global brings together leading experts from around the globe, for a 3-day livestream experience that ensures attendees have access to the latest information, guidance and advice on data protection, privacy and security.

PrivSec Global returns on 22-24 June, and will once again deliver a carefully curated agenda that taps into the expertise of subject matter experts, industry leaders, visionaries and academics.

Session times shown below in British Summer Time (BST). All sessions will be recorded and available on-demand.

Agenda Themes at PrivSec Global:

Digital Transformation

The global pandemic has had a huge impact on every facet of our lives, but one area of business dramatically accelerated was Digital Transformation - whether it be the new normal of working or 5G implementation, this faster processing of DT was going to face regulatory requirements and challenges and demand more from their data protection and cybersecurity teams. PrivSec Global will explore topics including the importance of back-up, and whether more regulation will damage the new pace of change.

Diversity, Equity and Inclusion

GRC World Forums and PrivSec Global are proud to be producing more and more content on DEI, but this is not something that is going to be solved overnight by a panel, a spreadsheet and an email.  But, we must keep talking as it will only be through conversation and debate that we will find the solutions to take society forward.  We stand together, within a community of like-minded professionals who care about Diversity, Equity and Inclusion in all that we do - our panels will deep-dive into why diversity matters, underlying racial biases in society and AI/ML, data ethics, and data collection and usage within the workplace.

Politics, Economics and Social

PrivSec Global will always endeavour to be at the forefront of the political, economic and social issues of the day, relating to Data Protection & Privacy, Data Security and Data Governance.  Whether it be Vaccine Passes, Environmental, Social and Corporate Governance, Facial Recognition or the constant challenges surrounding Russian Cybersecurity initiatives, our agenda and thought-leaders will disclose their thoughts and predictions during lively debates on these vitally important topics.

Regulatory Developments

All of the sectors within PrivSec Global, whether it be Data Protection and Privacy, Data Security, or Governance Risk & Compliance, are deeply affected by regulations and their developments over time. PrivSec Global is a livestream experience providing a platform for thought-leaders, vendors and our delegate audience to converse on regulations in Europe, the Americas, The Middle East, Africa and Asia Pacific - from LGDP in Brazil to the upcoming enforcement of POPIA in South Africa.

Third Party Risk Management

Risk is at the heart of everything that companies do, and Covid-19 has put an increased spotlight on Third Party Risk Management.  Whether it’s interaction with regulations such as GDPR, the increased requirement for more cybersecurity expertise at board level, or regulatory developments impact upon vendor risk management, PrivSec Global will highlight the challenges through case studies and endeavour to explore options and solutions.

Trust

Slowly, but very surely, becoming one of the more important words in the Data Protection & Privacy, Data Security and Governance sectors.  No longer whispered in undertones, enterprise organisations realise that a roadmap that includes trust and transparency builds a stronger relationship with their clients and consumers, which results in more success, more notoriety and more ROI.  PrivSec Global will touch upon some of the most important subjects such as Data Transparency, Effective Zero Trust, Privacy Policies, Online Privacy for Children and Biometric Privacy in the Advertising Industry.

Stream 1

7:00 am

Internal Threats: Top Threats to your IT Security and how to Address Them

From employees accidentally clicking on malicious links, to sabotage, theft of data and unauthorised access, companies have plenty of potential insider cyber security threats to consider. But how can organisations ensure their cybersecurity defence methods are robust enough to cope? This panel will look at some of the most common internal threats and what is needed to ensure your practices are safe and effective.

Speakers include:

Find out more →

8:00 am

GDPR Requirements and Digital Transformation

Digital technology is transforming the way businesses operate around the world and data has never been able to be shared so quickly and easily in real time. However, the General Data Protection Regulation requires data usage to be lawful, fair and transparent, with strict requirements to minimise and limit the purpose of data. This session will discuss the challenges for GDPR compliance thrown up by the digital revolution.

Speakers include:

Find out more →

9:00 am

Engaging Your Line of Business for Cybersecurity Initiatives​

Security cannot be done in a silo. The extent and nature of data shared across line of business functions both internally and externally fuels instances of system and organizational vulnerabilities. GRC must transcend the traditional lines of defence specifically risk managers and audit professionals. In this session we'll discuss roles and responsibilities of effective risk management practices. What can businesses do to better align key stakeholders? How can businesses incorporate Security by Design process and practices and where can technology support with structured data sets and automation?​

Aligning organizational goals, and department objectives to translate risk into business impacts.

Automating GRC touchpoints into your line of business functions​

Integrating Audit to document and support continuous improvement initiatives​

Speakers include:

Find out more →

9:30 am

Data Privacy and Integrated Technologies Sponsored by FTI Consulting

The rapid development of new technology presents organisations, regulators and society with data privacy and security risks. In our interconnected world, personal data can be shared between devices, networks and borders rapidly. Technological advancements bring devices and products into potential conflict with data protection regulations, whilst rapid innovation and market growth introduces risks that new technology is released without suitable oversight and compliance measures. This panel with discuss the underlying risks and considerations when it comes to integrated technologies, including medical technologies, and outline what practical steps organisations can take to address risks.

Speakers:

Find out more →

10:00 am

Keynote: Ciaran Martin, Founding CEO of the National Cyber Security Centre (Brought to you by GRC TV)

During this session Ciaran will discuss the developments of secure technologies both now and in the future. In terms of the now, there will be an analysis of current security infrastructure, recent organised criminality and what some of the greater issues are outside of ransomware. Ciaran’s views on the future will parallel that optimistic view of how technology is changing, but the pessimism that we are in the midst of a New Tech Cold War.

Speakers include:

  • Ciaran Martin, Founding CEO of the National Cyber Security Centre and now Professor, University of Oxford
  • Joe Tidy, BBC Cybersecurity Correspondent
Find out more →

11:00 am

Environmental, Social, and Corporate Governance: Why a Privacy-Focused Company is a Sustainability-Focused Company

Holding less data means less storage, less power usage and this is better for the environment.  In short, be lean with data, less power, more profit, better for the environment.  This panel will discuss the many links between a organization's focus and spend on Data Protection & Privacy and their strategy on sustainability, the environment and social governance.

Speakers include:

Find out more →

12:00 pm

Schrems II and International Data Transfers: The Journey to a new Privacy Shield and Who Is Leading the Way

Companies are still feeling the impact of the European Court of Justice decision last July that torpedoed the Privacy Shield, raising huge question marks about the future of international data transfers between the EU and US.  This panel will look at what may rise from the ashes of the Privacy Shield, which was being used by more than 5,000 participants at the time of the ruling. Are standard sub contractual clauses the answer? Will diplomacy and a new administration in the White House provide a new solution?

Speakers include:

Find out more →

1:00 pm

Are you ignoring the elephant in the room - Your Organization’s Data?

Everyone is talking about compliance and fines when it comes to an organization’s data. Fines must not be the driving factor to take control of your data.  It must start with Trust. Maintaining the trust of your customers, your employees, your vendors, and your shareholders. According by the latest 2021 Thales Data Threat Report, only 24% of organization have complete knowledge of where their data is stored. Embracing a strong data management posture drives better decisions, delights your customers, delivers growth, and safeguards your organization. Keeping data secure is no longer about just firewalls, VPNs, and endpoint protection. You need to know what you’re protecting.

Find out more →

2:00 pm

Third Party Risk Management Ownership and Centralized Risk Assessment Exchanges

Third party providers and suppliers sometimes have access to your organisation’s intellectual property, data, financial, and other sensitive information and custom details. Managing this risk can be complex and onerous. This session looks at how centralized risk assessment exchanges can help ensure vendor risk assessments are completed swiftly, accurately and efficiently.

Speakers include:

  • David Condon, GMM Insurance
  • Lahar Mishra, Technical Risk Management Analyst, Paranoids, Verizon Media
  • Veroniki Stamati, Information Security & Privacy Engineering Lead, Skyscanner
  • Alastair Parr, Senior Vice President, Global Products & Delivery, Prevalent
  • More to be announced
Find out more →

3:00 pm

Preparing Your Organisation for the Quantum Computing Revolution and the Data Protection/Security Challenges - Sponsored by Thales

Quantum Computing offers great opportunities, but with these advancements come challenges against the current norms of Data Protection & Privacy and Data Security.  For example, Quantum Computing can dramatically speed up the process to factor large prime numbers, but these very same primes underlie data transfers and security arenas.  This panel will explore the many ways an organization can prepare for Quantum Computing, such as investment and environmental infrastructure, looking at case studies and global experience to discuss the challenges, but also successes, that lay ahead.

Speakers include:

  • Surj Patel, Technologist and Entrepreneur, Next Market Consulting
  • Ramsés Gallego, Executive Vice President, Quantum World Association
  • Duncan Jones, Head of Quantum Cybersecurity, Cambridge Quantum
  • More to be announced
Find out more →

4:00 pm

Vaccine Passes: The Tech, The Law and the Importance of Data Protection and Privacy - Sponsored by Exterro

This panel brings together leading experts in the technology, law and travel industry in relation to Vaccine (or Health) Passes.  The debate will explore the tech and the importance of these passes to our World in this new normal, the law around these to inform our communities and dispel myths, and thought-provoking input from the travel industry about how this technology can help the World to travel again.

Speakers include:

  • Jody Ranck, DrPH,  Senior Analyst at Chilmark Research and EVP Global Health Strategy, Ram Global
  • Savera Sandhu, Partner, Newmeyer Dillion
  • Eric Piscini, Global VP, Payer and Emerging Business Networks, IBM
  • More to be announced
Find out more →

5:00 pm

Why More Organizations Should Prioritize their Data Retention Policies?

The results are in!  Prioritizing your data retention policies leads to improved compliance, reduced spending resulting from less data, and simplified DSAR and Discovery responses as well as reducing the risk of data loss.  This panel will explore case studies as to why more organizations are not utilizing their data retention strategies, how they can develop and prioritize their usage and ultimately, see the benefits.

Speakers include:

Find out more →

6:00 pm

Enabling Change: Diversity, Equity and Inclusion in the Data Protection & Privacy Sectors - Sponsored by Exterro

A lack of representative diversity and unconscious bias in recruitment plagues all sectors and data protection and privacy are no different. In this session we will look at the efforts being made to make the industry more inclusive and what organisations can do to play their part.

Speakers include:

  • Shoshana Rosenberg, PLS, FIP, CIPP, CIPM, CDPSE, Founder and General Counsel, SafePorter;
  • Siena Castellon, Neurodiversity Advocate, Author and Founder of Neurodiversity Celebration Week - Stanford University;
  • Lauren Dike, Diversity, Equity and Inclusion Manager, Nika White Consulting
  • Leron Barton, Freelance Writer, YourTango
  • More to be announced
Find out more →

6:45 pm

Navigating Data Security in the Cloud (Sponsored by HITRUST)

An overwhelming number of businesses today are choosing the cloud to host software applications, govern IT workloads, and assist with facilitating rapid technology innovation. Unfortunately, along with the cloud comes ambiguity regarding data security responsibilities. How do you clearly delineate responsibilities, provide adequate security assurances to stakeholders, and remove the burden on teams that are tasked with information risk management for such a complex ecosystem?

Speakers:

Find out more →

Stream 2

7:00 am

How to Prevent Credential Stuffing Attacks While Managing Risk and Trust - Sponsored by CyberSixgill

Credential stuffing is a brute force attack that can be low-risk, high-reward for cyber criminals. This panel will debate the defence techniques that can be used to guard against this threat.

Speakers include:

  • Stewart Room, Partner, Global Head of Data Protection & Cyber Security
  • Laure Landes-Gronowski, French lawyer, Paris Bar, Partner – Head of IT, Data protection & Cybersecurity department, Agil’IT
  • Bradley Tosso, Assistant Information Commissioner, Gibraltar Regulatory Authority
  • More to be announced
Find out more →

8:00 am

Effective Zero Trust: How Zero Trust Can Help Secure Your Business

Zero trust can deliver greater security, less demanding workloads, reduced IT complexity and can be used to improve data protection and user experience. This session will look at how zero trust can be utilised in the most effective way.

Speakers include:

  • Ray Walshe, EU Observatory for ICT Standards / Asst Professor of Emerging Technologies Standardization Dublin City University
  • Yanya Viskovich, Chair, Cybersecurity & Governance, Swiss Cyber Forum
  • Pat McCarthy, AI Security and Privacy Protection Advisor, Huawei Cyber Security Transparency Centre    
  • More to be announced
Find out more →

9:00 am

Third Party Risk Management under GDPR: Ownership and Risks, Fines and Solutions. Sponsored by ProcessUnity

Data breaches via third parties are a growing problem for GDPR compliance. This session will discuss the ways in which you can protect your organisation against third party risk and how to respond in the event of a breach via a third-party relationship.

Speakers include:

Find out more →

10:00 am

Regulatory Developments: POPIA and the Principles of Enforcement Action - Sponsored by Wired Relations

South Africa’s Protection of Personal Information Act (POPIA) comes into enforcement from 1st July 2021.  This panel will discuss the forms in which it is likely enforcement will happen, assessing the triggers, exploring the history of what regulators look for, and what the implications are for South Africa.  Leading experts will forecast whether the regulators will be strict or reasonable as the law comes into enforcement, and debate the challenges ahead.

Speakers include:

Find out more →

11:00 am

Women and Diversity in Cybersecurity: Why Are We Still Having this Conversation? Sponsored by CyberSixgill

Recent research by Tessian found that a higher proportion of young men were likely to consider a career in cyber security than young women. This panel will look at ways we can, together, make the cybersecurity industry more attractive to women and how greater inclusion and diversity can help improve workplaces while tackling the cyber skills gap.

Speakers include:

Find out more →

12:00 pm

IT vs OT: Is There Too Much Operational Technology Online for Hackers?

The attack on the Colonial Pipeline was one of the most major hacks in the history of critical infrastructure.  But, this was not a hack on Colonial Pipeline's IT, but their Operational Technology.  The pipeline, which normally carries 2.5m barrels a day, is digital in terms of its operations.  This panel will discuss how this attack may have taken place, the vulnerability of OT on a network, and whether there is too much OT online for hackers to manipulate?

Speakers include:

Find out more →

1:00 pm

Why the Future of Trust Must Be Built on Data Transparency

As organizations invest more in Data Protection & Privacy, and regulators increase their scrutiny, this is a perfect moment in time for increased data transparency.  Companies can reveal more of how they use data, plus giving the end user more control and access.  This webinar will why trust and data transparency must go hand-in-hand and what the future heralds if more organizations follow this path.

Speakers include:

Find out more →

2:00 pm

Risk Assessments of Fast-Tracked Digital Transformation and the Importance of Back-up - Sponsored by Thales

Digital transformation is happening rapidly, but businesses have to be extra careful not to put their digital assets at risk. This panel discusses how back-up policies can play a key role in ensuring transformation does not lead to data loss.

Speakers include:

Find out more →

3:00 pm

Managing Employee SARs Using eDiscovery in a Covid-19 World

Organizations have seen some of the greatest staffing challenges over the last 18 months due to the pandemic - illness, furlough, redundancy and fulfilling mandatory SAR deadlines just some of the examples.  Utilizing eDiscovery to identify, collect and produce electronically stored information, as part of your SAR process, will speed up resolutions, reduce expenditure and mitigate the risks.

Speakers include:

Find out more →

4:00 pm

Americas Focus: Caribbean Data Protection & Privacy Regulations

The Caribbean has seen critical issues in regard to its data privacy regulations and has been slow in adopting comprehensive laws that provide formal legal structures for data transfers and protection. Currently, fifteen privacy laws have been passed, with Jamaica being the most recent by passing its Data Protection Act, 2020. The Government of Trinidad and Tobago are currently amending their own privacy law in accordance with the GDPR. This panel will discuss the future of the Caribbean’s Data Protection Regime and the possibility of a collaborative regional approach towards data protection, as well as harmonisation with international standards.

Speakers include:

Find out more →

5:00 pm

Americas Focus: USA and the Developing Nature of Privacy Law - Sponsored by Groundlabs

The patchwork nature of privacy law in the United States is getting ever more confusing, as different states pass their own pieces of legislation. This panel will discuss where this is all heading and gauges the prospect of an all-encompassing federal privacy law.

Speakers include:

  • Mike Harrigan, Founder and Data Privacy Attorney, DPO Adviser
  • Al Saikali, Partner and Chair of the Privacy and Data Security Practice, Shook, Hardy & Bacon
  • Lily Li, CIPP/US/E/M, GCFA, Founder/President of Metaverse Law Corporation, Metaverse Law Corporation
  • David Harris, CEO, Manetu
  • More to be announced
Find out more →

6:00 pm

Americas Focus: LGPD: Compliance, Enforcement and the Impact on South American Privacy Laws - Sponsored by Groundlabs

Lei Geral de Proteção de Dados (LGPD) is Brazil’s federal data privacy law that went into effect on September 18, 2020, with enforcement starting on August 1, 2021. With Brazil being a key market in Latin America for big US tech companies, the LGPD has been a positive move forward for Brazil’s legal privacy framework. This panel will discuss how companies can best prepare for compliance with the LGPD as well as its extraterritorial impact.

Speakers include:

Find out more →

Stream 1

7:00 am

Third Party Risk Management: Cybersecurity Expertise into Board Governance and a Company's Digital Defense

As companies the world over grapple with the rising cyber security threat, is it now time to have a director in charge of cybersecurity in the boardroom? If so, how do you ensure you find the right person. This panel discusses whether cybersecurity at board-level would help strengthen the digital defence of companies.

Speakers include:

  • Israel Rivera, Senior Manager, MBL Technologies
  • Anu Kukar, Data & Technology Risk – Thought Leader
  • More to be announced
Find out more →

8:00 am

How To Embed a Culture of Privacy Across Your Workforce; Listen to the Experts

A landmark employee survey, developed by Privacy Culture, seeks to understand employee attitudes, knowledge and behaviour towards data privacy and protection. In this session you can hear the latest results from the research and debate about current data protection workforce sentiments.

Speakers include:

  • Steve Wright, Partner, Privacy Culture    
  • Vivienne Artz, Chief Privacy Officer, London Stock Exchange
  • Ben Westwood, Compliance Director, Standard and Poor (formally IHS Markit)
  • Sue Taylor, Group Data Protection Officer, Provident Financial Group
  • More to be announced
Find out more →

9:00 am

Regulatory Developments: POPIA and the Transition from Non-Regulation - Sponsored by Privacy Experience Agency

From 1 July, businesses will have to comply with South Africa’s Protection of Personal Information Act (POPIA). This comprehensive legislation marks a sea change in the way businesses are regulated for data protection, including introducing a requirement to report data breaches. This panel will discuss how businesses can make the transition needed in order to comply with the new legislation.

Speakers include:

Find out more →

10:00 am

Managing Cybersecurity Challenges in Digital Transformation Projects - Sponsored by Groundlabs

Design and technology projects can involve heavy use of IT software by a wide group of people, making them a potential target for cyberattackers. This panel will discuss ways in which the potential risks can be mitigated.

Speakers include:

Find out more →

11:00 am

Trust: Why Companies Need Simplified Privacy Policies?

GDPR requires communications to data subjects to be “concise, transparent, intelligible and easily accessible”. Despite this many privacy policies are still complex and text-heavy. This panel will discuss the benefits of keeping policies short and simple and ways to ensure brevity while still meeting all the compliance requirements.

Speakers include:

Find out more →

11:30 am

The death of third-party cookies and the emergence of trust as a new currency in the digital economy (Sponsored by Usercentrics)

It is safe to say that the era of the third-party cookie is quickly coming to an end. Major internet browsers are already blocking third-party cookies by default and Tech giants like Google are already working on alternatives to third-party cookies. In addition, data regulatory requirements and decisions by data protection authorities imply that we can soon say adieu to third party cookies once and for all. So is the industry standing at a crossroads? What does this mean for your business? Will cookies be used for advertising purposes at all in the future and what do future alternatives look like? Sign up for our session to get all the answers!

Speakers include:

Find out more →

12:00 pm

Keynote: Michelle King, Managing Director of Equality Forward, Former Director of Inclusion, Netflix and Leading Global Expert in Gender Equality (Brought to you by GRC TV)

Based on over a decade's worth of research Michelle believes that to tackle inequality we need to fix workplace cultures so that they work for everyone. She is the host of a popular podcast called The Fix and recently released her book: The Fix: Overcome the Invisible Barriers that are Holding Women Back at Work.

Speakers include:

  • Michelle King, Managing Director of Equality Forward, Former Director of Inclusion, Netflix and Leading Global Expert in Gender Equality
  • Zoe Kleinman, Technology Reporter, BBC
Find out more →

1:00 pm

UK Data Protection Index panel

The UK Data Protection Index, produced by Data Protection World Forum and the DPO Centre, each quarter gives us a glimpse into the changing attitudes and sentiments of Data Protection Officers. The panel of 334 DPOs are quizzed every three months on the same set of questions, allowing us to track shifting sentiments. New questions are also added each quarter in order to gather insight into DPOs’ views on the very latest topics. In this session the panel will discuss some of the more eye-catching findings from the latest UK Data Protection Index report.

Speakers include:

  • Rob Masson, CEO, The DPO Centre
  • Eno Kadiri, Data Protection Officer at The DPO Centre
  • Lesley Holmes MA, CIPP/e, CISM, Data Protection Officer, MHR Global
  • Gordon Wade, Data Protection Officer | Group Legal Counsel, Hostelworld Group
  • Jonathan Craven, Head of Information Governance | Data Protection Officer at Central and North West London NHS Foundation Trust
Find out more →

2:00 pm

Artificial Intelligence: How Secure are your ML and AI projects? OR AI Security: How Human Bias Limits AI

We are on the cusp of an Artificial Intelligence and machine learning revolution, with Juniper Research forecasting a quadrupling of regtech spending globally by 2025 as a result. As companies look to technological solutions, this panel looks at the potential risks to security and what can be done to mitigate them. The session will also debate the limitations of Artificial Intelligence if human bias affects the data sets used.

Speakers include:

Find out more →

3:00 pm

Should Anyone Be Banned from Social Media for Life?

Facebook have currently decided not to reinstate Donald Trump's account, but their Oversight Board has said a final decision will be made in six months' time.  Trump's account was suspended following the Capitol Attack on Jan 6th. This panel will analyse the recent decision (or indecision), and will then discuss the question marks around censorship and whether anyone should lose the ability to communicate on Social Media.

Speakers include:

Find out more →

4:00 pm

Diversity and Inclusion: AI, ML and Data Ethics - Sponsored by FTI Consulting

Artificial intelligence and machine learning are increasingly being seen as a holy grail for enabling regulatory compliance, particularly for larger companies. However AI and ML rely on huge amounts of data to operate effectively and what happens if the data used to train the machine includes bias? This session will talk about the dangers of conscious and unconscious assumptions about race and gender and other concepts creeping into data sets and how this risk can be mitigated.

Speakers include:

  • Tanya Richardson, Senior Counsel, Privacy and Cybersecurity, Uber
  • Samantha Simms, CEO, The Information Collective
  • Aishwarya Srinivasan, AI&ML Innovation Leader, IBM
  • Merve Hickok, Founder, AIethicist.org
  • More to be announced
Find out more →

5:00 pm

Multi-Factor Authentication and the Roadmap to an Organisation's Increased Security

Multi-factor authentication is becoming more widespread as a key tool in the cyber security armoury. This panel will look at the role this authentication method can play in organisations’ security strategies and how challenges to implementation, including cost, equipment and knowledge constraints, can be overcome.

Speakers include:

Find out more →

6:00 pm

President Biden’s Executive Order on Cybersecurity’s Impact to the Software Industry (Sponsored by HITRUST)

On May 12, 2021 U.S. President Joe Biden published a wide-ranging executive order aimed at strengthening the UnitedStates’ cybersecurity. With the backdrop of recent high-profile cyber breaches impacting U.S. companies and critical infrastructure, the executive order is already too late but aims to prevent similar attacks in the future.  While Presidential Executive Orders are directed to U.S. Federal Government agencies, some of the tasks to government agencies will have an impact on companies in the United States and around the world.

Speakers:

Find out more →

6:30 pm

Business Through the Prism of Cyber (Sponsored by Cybersixgill)

When integrating a new technology into your organization, engaging in or trying to mitigate third party risk, one must think of its cyber hygiene. It starts with understanding where your vulnerabilities are, and how you can efficiently manage it. In this fireside chat, you will hear three different parts of the puzzle: Omer Carmi, VP of intelligence at Cybersixgill, is looking at the problem from the vendor side, and will discuss how cyber threat intelligence has grown into becoming a core part in every vulnerability management and 3rd party risk programs; Gal Shafir, director of engineering at Siemplify is looking at this from the security operations perspective, elaborating on automation and orchestration. With them, Tyler Young, director, head of cybersecurity at Relativity will dig into the importance of implementing threat intelligence at the core of a security program and how it fuels strategic decisions.

Speakers include:

Find out more →

Stream 2

8:00 am

Middle East and North Africa Focus: Ethical Data Management: How Do We Meet This Goal?

This panel will explore some of the most important questions when it comes to Ethical Data Managment such as: What is Data Sharing?  How do you communicate to your internal stakeholders the important of being completely forthcoming and objective about the personal data they process? and What does it mean in this time of rapidly developing, cutting edge tech, to share data ethically? A panel of experts will explore these and more, discussing how we meet this goal?

Speakers include:

Find out more →

9:00 am

Middle East and North Africa Focus: Data Protection and Privacy Regulations Across the Region - Sponsored by Privacy Experience Agency

Across the Middle East and North Africa (MENA), data protection legislation is still in its infancy, but where data protection laws do exist, enforcement is problematic. A 2020 survey suggested that over 40% of companies in MENA are facing regulatory investigations due to poor integration of technology. This panel discusses how the MENA region can ethically manage data in the wake of rapid transformation.

Find out more →

10:00 am

Middle East and North Africa: How to Prepare For a Privacy Orientated/Compliant Business Model? Sponsored by Privacy Experience Agency

Many organizations do business with organizations who are subject to certain privacy laws. What happens if organizations don’t have any standards for processing personal data and they are required by their business partners to have certain standards? They loose business opportunities as they can’t commit to respecting privacy of individuals whose personal data is entrusted to them.Sooner or later, every country in the region will have a privacy law. Why not start preparing now, and have an advantage when laws come in force?  Use privacy as an advantage with customers, business partners, and have a strong position for the upcoming privacy laws or enhance the state of compliance with the existing laws.

Speakers include:

Find out more →

11:00 am

Anatomy of a Successful Vendor Risk Assessment: What We See in Practice​

How are you assessing vendors today? What does your assessment look like? Is it the same for every vendor? We’ve worked alongside hundreds of world-class organizations to develop the latest vendor risk assessment best practices. In doing so, we’ve identified several key characteristics that serve as the foundation for any successful vendor risk assessment. In this session, you'll learn how the most efficient organizations design their vendor risk assessments, validate controls, incorporate automation, and streamline reviews.​  

- Hear top vendor risk assessment challenges and solutions​  

- Outline the most common standards and critical questions to ask​  

- Understand the traits of risky vendors and how to spot them​

Speakers include:

  • Jaymin Desai, CIPP/E, CIPM, Offering Manager, OneTrust
  • More to be announced
Find out more →

12:00 pm

What the EU AI Regulation means for businesses - Sponsored by Usercentrics

The European Commission's proposed AI Regulation is the world's first comprehensive legal framework regulating AI.

The AI Regulation would usher in a new era of EU regulation, designed to protect Europeans from AI-related harms while driving AI adoption and innovation across the EU.

The proposals would affect many businesses across a range of sectors. Any companies that use, develop, or distribute AI systems should be aware of how the regulation could affect them.

Join us as we discuss the regulatory impact of the proposed AI Regulation, including which businesses will be affected, which AI systems are banned or regulated, and what you can do now to prepare for the EU's new era of AI regulation.

Speakers include:

Find out more →

1:00 pm

Phishing, Ransomware Prevention Plans and Staying One Step Ahead of Cybercriminals

According to the FBI, phishing was the most common type of cybercrime in 2020 and nearly doubled in frequency to 241,324 incidents last year. But why are criminals increasingly looking to phishing to carry out attacks. This panel will examine the phenomenon and look at what organisations and businesses can do to strengthen their defences.

Speakers include:

Find out more →

2:00 pm

WFH and Data Protection: The Increasing Impacts of Covid-19 and What Comes Next?

The Covid-19 pandemic and the lockdowns around the world prompted businesses to put in place systems to allow employees to work from home. As restrictions in many parts of the world are now easing, there is a mixed picture about what happens next. Some businesses are keener than others to get employees back into the office, but for most some kind of hybrid approach looks inevitable. This panel will look at what this all means for data protection.

Speakers include:

Find out more →

3:00 pm

Data Breaches: It Does Happen All The Time and It Is a Big Deal

Incidents and data breaches are increasing year-on-year.  As regulatory scrutiny also grows, alongside the publicity of breaches and emerging private right of action, why do many organizations still treat data breaches as rare events, using ad hoc process, on-the-fly communication and cobbled-together toolsets.  There is a better way!

Speakers include:

Find out more →

4:00 pm

Privacy Program Management panel: Building a Privacy Culture Within Your Organisation

There is no short term fix when it comes to Privacy Program Management (PPM) - it is always ongoing and always contains a transparent set of standards and operational controls to help each step of privacy program development. This session will explore the goals of PPM, the framework of standards and controls and the steps that need to be taken to instil a Privacy Culture within your Organization.

Speakers include:

Find out more →

5:00 pm

What Happens After Third Party Cookies?

The death of the third-party cookie has been widely reported, but what comes next? Rising consumer expectations and changing legislation has meant that the global privacy ecosystem is quickly evolving. With Google's efforts to phase out third-party cookies on Chrome browsers by 2022, there is still a lot to be said on how marketing and advertising organisations can prepare for the changes.

Speakers include:

Find out more →

6:00 pm

Trust: The Children’s Code – Insight and Design at the Heart of Compliance

The privacy regulators have a message for brands – unless you can prove otherwise, you must assume that children – people under the age of 18 years old – are using your digital products and services. When it comes to lawfully processing the personal data of children regulators are reminding brands that there has always been a high bar for compliance. They want to see brands utilising new skills and capabilities - insight and design - to create an “age appropriate” privacy experience transformed by visibly different approaches to child friendly privacy communications and settings. This panel explores how to put insight and design front and centre to make sure you are creating the best age appropriate experience you can.

Speakers include:

  • Amy Lawrence, Counsel, Privacy & Data Security Group, Frankfurt Kurnit Klein & Selz
  • Chad Wollen, Founder, Privacy Experience Agency
  • Eddan Katz, Platform Curator: AI/ML at World Economic Forum
  • Adam Bargroff, Public and Privacy Policy Manager, Data Leadership at Facebook
  • More to be announced
Find out more →

Stream 1

7:00 am

Building Security Teams panel: The Increasing Importance of DEI in the Recruiting Process - Sponsored by Wired Relations

There has been much written about recruitment issues in cybersecurity, whether it be a cyber skills gap or retirees taking their expertise with them.  Could an increased focus on Diversity, Equity and Inclusion in the recruiting process be a weapon in the armoury against these tides?  A panel of experts in recruitment and DEI will discuss these questions and more.

Speakers include:

Find out more →

8:00 am

Diversity and Inclusion: Workplace, Data Collection and Usage - Sponsored by FTI Consulting

Embedding diversity and inclusion consideration in all working practices is rapidly being seen as a must by businesses. This panel will look at the factors organisations should consider when formulating their data collection and usage policies to ensure a diverse and inclusive workplace.

Speakers include:

Find out more →

10:00 am

Trust: Biometrics in Marketing and AdTech: How Advertising is Changing

As Third Party Cookies lose their grip and overall relevance, other technologies come to the forefront such as Biometrics.  Advertising has never, ever stood still, but the next few years will see seismic changes in Digital Advertising and this panel will explore where we are now, what the future could be, and what effects these new technologies will have on Data Protection & Privacy, Data Security and Data Governance.

Speakers include:

Find out more →

12:00 pm

Divergence in GDPR and the Financial Services Industry - Sponsored by Usercentrics

The patchwork nature of data protection regulations across the world creates a particular challenge for financial services firms operating overseas. This panel discusses how this, and divergence from GDPR, can be addressed.

Speakers include:

Find out more →

1:00 pm

How Do Data Protection Regulations Apply to AI and is GDPR Ready for Facial Recognition?

This panel will explore the relationship between Artificial Intelligence/Machine Learning and Data Protection Regulations, as well as discussing some of the most important points in relation to GDPR and Facial Recognition.  This panel will delve into recent EU decisions and the on-going challenges in the relationship between GDPR and facial recognition, as well as forecasting what the future may hold for this most controversial of topics.

Speakers include:

Find out more →

2:00 pm

Keynote: Max Schrems, Author and Renowned Data Protection Activist, Chairperson of NOYB (Brought to you by GRC TV)

Austrian privacy campaigner Max Schrems is best known as the man who held Facebook to account for its treatment of EU users' personal data—and brought down two transatlantic privacy frameworks in the process.

Last summer's "Schrems II" case caused major disruption to EU-U.S. data transfers and shone a light on intrusive U.S. surveillance laws. But for Schrems and fellow campaigners at nonprofit group NOYB (None of Your Business), the matter is far from settled.

We're excited to welcome leading data privacy activist Max Schrems following his landmark 'Schrems II' case last year. Hear Max’s reflection on the past 3 years of GDPR and what the future holds.


His latest campaign with NOYB targets "cookie banner terror" online. "Frustrating people into clicking ‘okay’ is a clear violation of the GDPR’s principles. Under the law, companies must facilitate users to express their choice and design systems fairly," Max said.

Speakers:

Find out more →

3:00 pm

Improve Your Compliance and Reduce Expenditure: Data Retention Done The Right Way

Why do most organizations fail to make their data retention policies operational?  A strong Data Retention Policy will provide benefits across legal and compliance activity, and reduce costs as well.  Less data means fewer costs - Data Retention improves compliance, not just with retention regulations, but privacy as well.  It can simplify DSAR and Discovery responses and reduce the risk of data loss.  Doing data retention the right way will improve your organization’s compliance and generate tangible results.

Speakers include:

Find out more →

4:00 pm

Confidential Computing: The Next, Great, Development in Data Protection - Sponsored by Thales

A recent IBM IBV study said 74% of CEOs think adoption of cloud will be critical for their businesses in the next two to three years. Cloud migration, however, brings a higher risk of data exposure, making cloud security a critical issue for businesses, post-pandemic. This panel discusses the potential of confidential computing in enabling businesses to process sensitive data in a hybrid cloud without compromising consumer privacy or security.

Speakers include:

  • Alistair Cole, Partner & Director of Services, Privacy Culture
  • Stefan Liesche, IBM Distinguished Engineer - IBM Hyper Protect Services, IBM
  • Christof Fetzer, Professor at TU Dresden and COO, Scontain
  • More to be announced
Find out more →

5:00 pm

Where Does a CISO's Role Go From Here?

Sudden digital transformation has put the role of the CISO in the spotlight with many in the cybersecurity industry suggesting that the title has become overused. Others may associate the role of the CISO as being innovation or cloud averse. This panel discusses what is next for the CISO as the role continues to adapt with the industry.

Speakers include:

Find out more →

6:00 pm

A Celebrity's Desire for a Privacy Framework

We may envy their bank accounts, their houses, their cars and their lifestyle, but a celebrity almost signs a contract of constant availability and lack of privacy as their fame rises.  This panel will explore case studies, including that of Harry and Meghan's moves away from Royal life exploring the psychology, the press and social media reactions, and what effects their move could have for Privacy for celebrities in the future.

Speakers include:

Find out more →

Stream 2

7:00 am

How do we Address the Large Skills Gap Across our Organisations when it comes to Emerging Technology Risk and Security? Sponsored by Wired Relations

This is one of the key challenges facing Boards and C-Suites globally; this panel will look at the options when it comes to upskilling your teams, what is the nature of upskilling and how do you put such methods into practice.  It will explore the “skills conundrum”, how do you prepare for it, and what are the new skills that are needed and how do I focus upskilling within your  organisation?

Speakers include:

  • Branko Ninkovic, National board member for AISA (Australian Information Security Association)
  • Sumeet Kukar, CEO, Arascina    
  • More to be announced

Find out more →

8:00 am

APAC Privacy Focus: China - their own internal regulations, what’s coming, and how do they relate to China’s neighboring countries

As DLA Piper confirm, "...a draft PRC Personal Information Protection Law (Draft PIPL) was published for consultation [in Oct 2020]. If passed, the Draft PIPL would be the first comprehensive national level personal information protection law in the PRC, creating binding compliance obligations previously considered recommended practice (under the Guidelines), and requiring organizations to comply with new compliance steps.".  A panel of experts will discuss this draft law, how will this relate to China's neighbours and what the future may herald for Chinese Data Protection and Privacy.

Speakers include:

Find out more →

9:00 am

APAC Privacy Focus: Customer's Engagement with Data Protection & Privacy, and How to Navigate Regional Regulations

Between 2019 and 2020, a number of countries across Asia developed their Data Privacy Laws - Singapore, China, Thailand, Sri Lanka, India, Hong Kong and Japan.  With more regulations, come more fines.  Bigger fines.  This session will explore some of these regulations, recent fines and the future.

Speakers include:

  • Shyam Mishra, VP of Risk, Compliance & Audit, Quantum Security
  • Kieran Donovan, Data & Technology Transactions Lead, Hong Kong, Latham & Watkins
  • Yulia Askhadulina, Director – Compliance and Data Protection, Minor Hotel Group
Find out more →

10:00 am

APAC Privacy Focus: Hong Kong and their Personal Data (Privacy) Ordinance; amendments and the focus from China

As the PCPD website states, "The Personal Data (Privacy) Ordinance (the "PDPO") was passed in 1995 and took effect from December 1996 (except certain provisions). It is one of Asia’s longest standing comprehensive data protection laws."  This webinar of experts will discuss the present climate, recent and forecast amendments to the ordinance, and explore the focus from the mainland as they develop their own internal regulations.

Speakers include:

Find out more →

11:00 am

Will the EU AI Regulation protect fundamental rights?

The European Commission says it designed its proposed AI Regulation to protect Europeans from AI-driven harms. The proposals set out a series of banned or regulated AI systems and attempt to eliminate bias from AI training data. But would the regulation go far enough to protect people's fundamental rights? Is the Commission right to take a "product safety" approach to AI systems? Would the law justify certain applications of biometric surveillance, "emotion recognition" and psychological manipulation? Without proper implementation, AI can exacerbate human biases, intrude on people's privacy, and drive social inequality. Does the EU's proposed AI Regulation address these problems—or could it make them worse?

Speakers include:

Find out more →

12:00 pm

Why Do Cars Need Brakes? Questioning the Need for Regulation

A car needs brakes to enable it to go faster!  The same analogy can be applied to the need for regulation, for as technology grows, gains speed, and pushes envelopes, regulation acts as the brakes enabling this exciting expansion. This session will discuss and question the need for regulation as a steadying influence on technologies such as AI/ML, Blockchain, Quantum Computing and more.

Speakers include:

  • Thomas Besore, Attorney/Owner, Thomas G Besore, Attorney at Law
  • Emma Martins, Data Protection Commissioner, Office of the Data Protection Authority, Guernsey
  • Dr. Igor Máté, Global Data Privacy Manager, Tetra Pak Group
  • Lene Gram Skjoldager, Senior Compliance Manager, Wired Relations
  • More to be announced
Find out more →

1:00 pm

Retail: The Future of Consumer Data Protection

The tech market is showing that it is getting more serious about consumer data privacy, with a new wave of privacy restrictions on the horizon. Apple’s announcement to adapt its “Identifier for Advertisers” mechanism sent shockwaves through Silicon Valley, rewriting and leaving gaps in the advertising ecosystem. This panel will discuss these gaps and how organisations handling consumer data can manage the emerging risks.

Speakers include:

  • Steve Wright, Partner, Privacy Culture
  • Stephen Cavey, Chief Evangelist, Co-Founder, Ground Labs
  • Professor Cathy Mulligan, Professor, Insituto Superior Tecnico, University of Lisbon                                                  
  • More to be announced
Find out more →

2:00 pm

Web, Mobile, OTT & CTV: How to Make Consent & Privacy an Asset, Not a Hurdle​

It’s no secret that we’re living in multi-device world. Never before have we been able to watch, listen to, download, and read the content we want, on the devices we own. At the same time, consumers are extremely conscious about their privacy and digital footprint. How can businesses deliver a better experience to the multi-device consumer? It’s all tied back to privacy, transparency, and opt-in consent.​

While historically, customer opt-in rate was a stranger to KPI scorecards for many businesses, it’s now becoming one of the most important things to measure and optimize. The more consent opt-ins your business receives, the more you’re able to personalize the user experience and measure marketing performance, which leads to increased revenue and overall business value.​

Now is the time to start focusing on your businesses’ level of transparency about privacy and measuring your current level of opt-ins so that you can start to plan how to optimize your strategy. Join these OneTrust consent management experts to gain an understanding of how to incorporate consent and privacy strategies across web, mobile, OTT and CTV applications, and learn best practices to help maximize consent rates.​

Speakers include:

  • Lukas Rottleb, CIPP/E, CIPM, Privacy Solutions Engineer, OneTrust
  • More to be announced
Find out more →

2:30 pm

The Cybersecurity Workforce, Knowledge, and Skill Gaps

The security industry has been facing growing gaps in workforce as well as knowledge andskills. While dropping in 2020, the difficulties in recruiting quality talent as well as trainingand retaining cybersecurity professionals are still major hurdles in driving successfulcybersecurity programs and operations.In this fireside chat, moderated by Lisa Couturier, Co-founder of R2R Growth Strategies, Sharon Wagner, CEO Cybersixgill, Roy Zur, CEO at Cybint Solutions, Larry Whiteside, Co-founder. current president of the International Consortium of Minority Cybersecurity Professionals (ICMCP), and Shannon Carlton, Co-founder at R2R Growth Strategies, will discuss the various aspects of the current state of the cybersecurity workforce and share insights about the steps companies can and need to do in order to overcome these challenges.

Speakers include:

Find out more →

3:00 pm

Third Party Risk Management: Regulatory Developments and the Impact on Vendor Risk Management (VRM) Sponsored By ProcessUnity & HITRUST

Covid-19 has led to Enterprise organizations increasing their focus on Third Party Risk Management.  But global regulatory developments have also had an effect upon companies challenges to do enough due-diligence to identify vendor risks.  This panel will discuss the relationship between data protection regulations and enterprise organization's work on TPRM to ensure critical risks are not missed at stages of the third-party lifecycle.

Speakers include:

Find out more →

4:00 pm

Politics, Economics, Social: Russia’s State-Led Cyber Espionage and Influence Operations

Whether it be the SolarWinds attack, the 2016 US election interference, or a number of other cyber operations over the past few years, there’s a growing perception/reality that Russia is increasingly flexing its cyber muscles internationally, using the lessons its learned through years of focused cyber-attacks and influence operations in Ukraine and other regional adversaries.  While those familiar with Russian operations and thinking will tell you that Russia’s goals include sowing doubt in Democracy, sabotaging transatlantic cooperation between the US and its partners, and bolstering a perception that Russia remains a super power, the question is what does this all mean to companies, Western governments and even the average citizen?  What are the risks that a company/companies might be caught in the middle and be Russia’s next target(s). What’s the risk of escalation, such as a cyber incident crossing over into a real-world military or nuclear standoff? And how do we realistically stop these cyber influence operations? This panel will discuss Russia's recent operations, what their strategy is, presentable challenges and solutions, potential escalation concerns, and what the rest of the 2020's could herald?

Speakers include:

Find out more →

5:00 pm

A Fireside Chat with Johnny Ryan

Johnny Ryan, Author, Senior Fellow at Irish Council for Civil Liberties, and Open Markets Institute. Self proclaimed sufferer of “adtech remorse”.

Speakers include:

  • Johnny Ryan, Author, Senior Fellow at Irish Council for Civil Liberties, and Open Markets Institute
Find out more →

6:00 pm

What Do The New Standard Contractual Clauses (SCCs) Mean for Data Transfers Post-Schrems II?

The European Commission has adopted a newly updated version of the Standard Contractual Clauses (SCCs), which are the most commonly used legal mechanisms for transferring personal data and international companies rely upon this hugely.  With companies endeavouring to comply with the CJEU’s decision in Schrems II, coupled with an overhaul of existing contracts resulting from new SCCs, this development will be of key importance for companies.

Speakers include:

Find out more →