Livestreaming on Wednesday May 18, PrivSec Focus: Enterprise Risk brings professionals up to speed with the ways in which businesses can develop protections against rapidly evolving threats.
Scott will be appearing on a panel at PrivSec Focus: Enterprise Risk, discussing how enterprises can formulate robust data breach management policies.
A partner in the Tokyo office of international law firm, Squire Patton Boggs, Scott specialises in cybersecurity, data privacy and digital disclosures in Asia and the Middle East. He also has significant experience in compliance, intellectual property (IP), litigation, dispute resolution, and government regulatory and internal investigations.
We spoke with Scott about his professional pathway, and for more insight into the pillars of data breach management strategy.
Could you outline your career journey to date?
I have followed a bit of a diverse career of coming from litigation, to in-house (managing global IP licensing/anti-counterfeiting/general corporate issues), to supplying legal technology (computer forensic/eDiscovery) solutions in APAC and now to focusing on data privacy/cybersecurity solutions for the APAC region. The lynchpin of all of this is the intersection between Legal and Technology.
Why are data breach management policies so essential in modern business?
The first step to any 12-step programme is to acknowledge that you have a problem. Companies need to understand that their IP and customer/client personal data is very likely being stolen. Once you understand that, you can take steps to correct, which usually starts at doing data mapping to understand what you have, where is it sits and what laws apply to it.
Who are the enterprise figures who should be involved in creating a robust data breach management policy?
Since the attack vector is so large, the solution to protection and responding is also very large. This is so much larger than implementing IT solutions. Effective cybersecurity protection involves a disparate group of professionals from throughout an organisation, including IT, Legal, Compliance, HR, PR, executive sponsorship and others essential for quickly and effectively responding to a data incident.
What should organisations be doing to strengthen their approaches to data breach management?
The most important thing is to act now. Statistics (from the most recent IBM/Ponemon study) show that by implementing a robust Cybersecurity Incident Response Plan and testing it through cyber-preparedness drill, an organisation can save more than 50% on the average cost of a breach.
Also on the panel:
- James Drury-Smith, Partner, DWF Law
- Sandy Silk, Director, Information Security Education & Consulting, Harvard University
- Caro Robson, MBA, LLM, FIP, Senior Consultant Legal Advisor, Data Protection & Technology, Milieu Consulting
- Jose Belo, Head of Data Privacy, Valuer.ai
Session time: 15:10-16:00 PM BST
Date: Wednesday 18th May 2022
Related events picked for you
PrivSec World Forum
Park Plaza Westminster Bridge, London: 7-8 June 2022
PrivSec World Forum is a two-day, in-person event taking place as part of the Digital Trust Europe series.
PrivSec World Forum will bring together a range of speakers from world-renowned companies and industries—plus thought leaders and experts sharing case studies and their experiences—so that professionals from across all fields can listen, learn and debate.
The event is a must-attend for data protection, privacy and security professionals who are keen to network, learn more, discuss and add expertise to how these sectors are interconnected.