PrivSec Global

 

PrivSec Global

 
Headline Sponsor

OneTrust Logo



AGENDA

 

A Global Livestream Experience
17th & 18th May 2023

WATCH ALL SESSIONS ON-DEMAND

PrivSec Global brings together leading experts from around the globe, for a 2-day livestream experience that ensures attendees have access to the latest information, guidance and advice on data protection, privacy and security.

PrivSec Global returns on 17th & 18th May 2023, and will once again deliver a carefully curated agenda that taps into the expertise of subject matter experts, industry leaders and academics.

Session times shown below in British Summer Time (BST). All sessions will be recorded and available on-demand.

Agenda - 17th May 2023

Day 1

(Timings shown in British Summer Time (BST))

Day 1: Wednesday 17th May 2023

PrivSec Global Agenda | Timings shown in British Summer Time (BST)

Scroll left/right to view

BST Wednesday 17th May 2023
09:00

Privacy, Security and Digital Policy Update: Middle East and North Africa
09:00 - 09:45

The Middle East and North Africa (MENA) region is home to an increasingly sophisticated set of data protection and security regulation. But standards vary between countries, and the law is changing quickly.

Our panel will give an update on the latest data protection and security developments in the MENA region, identifying the most important legal developments and their implications for businesses operating in the region.

Host

Speakers

  • Hussein Shafik Bahgat, Group Chief Information Security and Privacy Officer, ADIB - Abu Dhabi Islamic Bank
  • Femi Daniel, Senior Counsel Privacy and Data Protection, Mastercard
  • Raneen Stanley, Data Privacy Lead, Aon
  • Lori Baker, Vice President - Legal & Director of Data Protection, DIFC
09:15
09:30
09:45
10:00

Privacy, Security and Digital Policy Update: Asia Pacific
10:00 - 10:45

Many countries throughout the Asia Pacific (APAC) region are updating or implementing data protection and security regulations. The importance of the APAC economy means these laws will have a serious impact on any business operating in the region.

This session will look at recent developments in APAC and explain what businesses should prepare for over the next few years.

Host

Speakers

  • Stefan Dodov, Head of Legal and Compliance; Director for Data Protection, Quant Analytics
  • Carolyn Bigg, Partner Global Co-Chair data protection, privacy and security, DLA Piper Hong Kong
  • Derwin Wu, Senior Manager for Digital Transformation & IT, Hyphens Pharma
10:15
10:30
10:45
11:00

Data Retention Policies: Balancing Privacy and Business Needs [Sponsored by Exterro]
11:00 AM - 11:30 AM

In today's digital age, data retention policies play a crucial role in defining how organizations manage and store data. However, finding the right balance between privacy requirements and business needs can take time and effort. In this presentation, we will explore the intricacies of data retention policies and the best practices for creating policies that strike the right balance between privacy and business considerations.

The presentation will cover key topics, including the legal and regulatory landscape surrounding data retention, the importance of privacy in data management, and the potential risks and consequences of inadequate data retention policies. We will also discuss the various factors organizations need to consider when developing data retention policies, such as data type, storage duration, access controls, and data destruction.

Host

11:15
11:30

GDPR Five Years On: How Has Data Protection Changed?
11:30 AM - 12:15 PM

Has the GDPR lived up to the hype? Are many businesses still non-compliant? And what tools and processes have been developed to make data protection better over the past five years?

Over half a decade since the GDPR took effect, our panellists will debate the biggest impacts of the EU’s best-known regulation.

Host

Speakers

11:45
12:00
12:15
12:30

Subject Access Requests: Respecting Data Rights While Saving Time and Resources
12:30 PM - 13:15 PM

Some companies still aren’t getting subject access requests right. And others don’t know how much time and resources they are wasting via inefficient processes.

This session will focus on creating a streamlined approach to data governance that allows for timely and comprehensive responses to subject access requests.

Host

Speakers

12:45
13:00
13:15
13:30

Privacy, Security and Digital Policy Update: Africa
13:30 - 14:15

This session will explore the exciting data protection and security legal landscape across Africa, where new laws with complex and varying requirements are developing fast.

Host

Speakers

13:45
14:00
14:15
14:30

How to measure the effectiveness of your privacy program [Sponsored by Privacy Culture]
14:30 - 15:00

It is crucial to have an effective privacy program in place that can ensure compliance with regulations, manage privacy risks, and build trust with customers and stakeholders. After 5 years of GDPR, measuring the effectiveness of your privacy program continues to be a complex and challenging task as privacy professionals argue that they face various challenges when it comes to measuring privacy effectiveness.

From risk assessments and privacy impact assessments to metrics and KPIs, this panel will explore different methodologies, tools, and best practices for evaluating the effectiveness of your privacy program.

Host

  • Steve Wright, CEO & Founder, Privacy Culture
  • 14:45
    15:00

    Privacy, Security and Digital Policy Update: UK
    15:00 - 15:45

    The UK government repeatedly namechecks data protection as one area in which the country could capitalise on its departure from the EU. But opinions vary as to whether the reform proposals will be effective or meaningful.

    Our panel will discuss the state of play in the UK and offer some predictions about the impact of the government’s reform agenda on businesses.

    Host

    Speakers

    15:15
    15:30
    15:45
    16:00

    EU Security Compliance: Cyber Resilience Act, NIS 2 and Beyond
    16:00 - 16:45

    Upcoming EU cyber security regulations could impact businesses of all sizes and sectors across Europe.

    This session will provide an overview of the current regulatory landscape for security professionals, and provide insights into what you should expect in the future.

    Host

    Speakers

    • Yanya Viskovich, Senior Manager, Security Consulting, Accenture Switzerland
    16:15
    16:30
    16:45
    17:00

    Sponsor Session
    17:00 - 17:30

    Session info coming soon.

    Host

    Speakers

    17:15
    17:30

    Preventing Insider Threats Without Compromising Workflow
    17:30 - 18:15

    Insider threats, whether through error or malicious action, still account for a large proportion of data breaches. But monitoring and trying to control the actions of your employees is fraught with issues.

    In this session, our panel will look at solutions that minimise the risk of insider security incidents while ensuring employees feel trusted and empowered.

    Host

    Speakers

    17:45
    18:00
    18:15
    18:30

    Privacy, Security and Digital Policy Update: North America
    18:30 - 19:15

    With five new state privacy laws taking effect this year, and President Biden specifically calling for federal privacy protection in his February state of the union address, privacy has never been a bigger deal in the US.

    As well as the US, there are lots upcoming movements in the Canadian Privacy, Cybersecurity and AI space, including the newly proposed Digital Charter Implementation Act (Bill C-27), and the Artificial Intelligence and Data Act (AIDA).

    This panel will explore the current and future state of privacy and security regulation in North America.

    Host

    • Yugo Nagashima, Partner, Frost Brown Todd LLP - US member of the PrivacyRules Alliance

    Speakers

    • Petruta Pirvan, Senior Privacy Principal Consultant and Implementation Manager, Purpose and Means
    • Julie He, Lawyer in Technology and Business Law, Fasken
    • Shahab Ahmed, Head of Legal, Head of Privacy, General Counsel Loyalty Group, Etihad
    18:45
    19:00
    19:15
    19:30

    Agenda - 18th May 2023

    Day 2

    (Timings shown in British Summer Time (BST))

    Day 2: Thursday 18th May 2023

    PrivSec Global Agenda | Timings shown in British Summer Time (BST)

    Scroll left/right to view

    BST Thursday 18th May 2023
    09:00

    What Is ‘Necessary’ for a Contract? GDPR Legal Bases Following the Meta Decisions
    09:00 - 09:45

    The Irish Data Protection Commission (DPC)’s decisions against Facebook, Instagram and WhatsApp are some of the most significant developments in data protection since the passing of the GDPR.

    Now the dust has settled, our panel will debate the merits of the European Data Protection Board (EDPB)’s approach towards lawful bases for processing, and consider how they might impact businesses beyond Meta.

    Host

    Speakers

    09:15
    09:30
    09:45
    10:00

    Is the GDPR’s ‘One-Stop-Shop’ Working?
    10:00 - 10:45

    One common criticism of the GDPR is that its enforcement process is not sufficiently effective. Critics argue that routing cross-border decisions through a controller’s “main establishment” has led to delays and created an enforcement gap.

    But what’s the alternative? Aren’t most cross-border decisions actually resolved effectively? This panel will explore the history of the GDPR’s one-stop-shop mechanism and consider how it might be improved.

    Host

    Speakers

    10:15
    10:30
    10:45
    11:00

    Staying Compliant: How To Manage Data Transfers Around The Globe [Sponsored by OneTrust]
    11:00 AM - 11:30 AM

    The topic of international data transfers has been a contentious subject since the Court of Justice of the European Union (CJEU) rules on the Schrems II case, invalidating the EU-US privacy shield and changing the way organisations manage persona data transfers overnight.

    Beyond the question of legality between transferring data between the US and the EU, data transfers are brought to the forefront in other regulatory updates including the UK Data Protection Bill, China’s PIPL, Canada’s PIPEDA, UAE’s PDPA.

    Join this session as we explore:​
    · How to effectively manage data transfers and mitigate risk of non-compliance with respect to global data transfer requirements​
    · How organisations need to document and assess the risk of data transfers, and provide consumers with notice and choice to share data with third parties​
    · A look at recent enforcement activity in the EU on data transfers​

    Host

    • Joseph Byrne, Solutions Engineering Specialist, FIP, CIPP/E, CIPM, CIPT, GRCP
    11:15
    11:30

    2023 vs 1984: Is State Surveillance Becoming More Intrusive?
    11:30 AM - 12:15 PM

    New data protection and privacy laws are developing all over the world. Yet the amount of data collected about people by corporations and governments continues to increase. And new technology, such as biometrics, IoT, and AI, bring new surveillance opportunities.

    In this panel, privacy experts will debate whether surveillance is more pervasive than ever, and discuss whether it’s too late to turn the tide.

    Host

    Speakers

    11:45
    12:00
    12:15
    12:30

    Generative AI and the GDPR: A Match Made in Hell?
    12:30 PM - 13:15 PM

    Large Language Models (LLMs) and image generation are officially mainstream. With millions of people using AI tools every day, the internet and wider society are changing fast.

    But there’s an elephant in the room. How does a product that indiscriminately scrapes personal data from the web coexist with GDPR principles such as data minimisation and purpose limitation? Let alone the implications for security, data subject rights, and lawfulness.

    Host

    Speakers

    12:45
    13:00
    13:15
    13:30

    Preparing for a privacy incident: last 90 days before it happens.
    13:30 - 14:00

    There is no such thing as perfect compliance - privacy incidents can and will happen.

    What matters most is that you have a systematic and rigorous approach to privacy management, and that you are continuously working to be better prepared tomorrow than you are today.

    In this session, our guests discuss how to identify, prioritise and address potential gaps in your readiness to demonstrate compliance.

    Host

    Speakers

    13:45
    14:00

    Ransomware: Should You Ever Pay? Preparing for the Worst
    14:00 - 14:45

    Research suggests that most organisations hit with a ransomware attack end up paying the ransom. Perhaps this is understandable—but is it the right decision? And can paying a ransom to cybercriminals actually be illegal in some circumstances?

    This session will address the elephant in the room: Is paying the ransom ever right? And what can organisations do to help ensure they never have to make this difficult decision.

    Host

    Speakers

    14:15
    14:30
    14:45
    15:00

    Fight Fire With Fire: Artificial Intelligence for Red Teams and Blue Teams
    15:00 - 15:45

    AI presents new challenges for security teams, with new tools available for hackers and more advanced social engineering techniques. But AI also provides new defences to help security teams detect and prevent attacks.

    This session will explore how AI is changing the threat landscape—and how to leverage AI to defend your organisation.

    Host

    Speakers

    15:15
    15:30
    15:45
    16:00

    Internet Intelligence for Better Exposure Management and Threat Hunting
    16:00 - 16:30

    Today’s security teams’ task lists are becoming more and more complex. To deal with a rapidly-growing threat environment and increasingly sophisticated bad actors, security teams are managing multiple tools that don’t provide a needed outside-in perspective. To protect your organization and customer data from harmful breaches, consider the advantages of deploying a threat hunting and exposure management platform powered by best-in-class internet intelligence.

    Host

    16:15
    16:30

    Children’s Rights and Adults’ Privacy: Can We Ever Strike a Balance?
    16:30 - 17:15

    Jurisdictions everywhere are trying to make the internet a safer place for kids. But this is no easy task. Is there a privacy-respecting way to implement age verification or ID requirements? Or do we have to sacrifice some privacy in the name of child safety?

    This session will explore the current child privacy landscape: What’s required, what’s expected, and how to balance the rights of children and adult users.

    Host

    Speakers

    16:45
    17:00
    17:15
    17:30

    Fireside chat: 'How can we ensure the metaverse is open, safe and accessible?'
    17:30 - 18:15

    To ensure safety, the metaverse should have robust security and privacy measures to protect users from cyber threats such as hacking, fraud, and harassment. Appropriate regulations and laws should be put in place to prevent exploitation and protect users' data and privacy.

    Ensuring the metaverse is open, safe, and accessible will require collaboration between technology companies, policymakers, and user communities.

    Join our discussion to explore how by working together, we can create a metaverse that benefits everyone and promotes innovation and creativity in a safe and inclusive environment.

    Host

    • Emilios Lemoniatis, Chief Digital Ethics and Privacy Officer Surrey and Borders Partnership NHS Foundation Trust

    Speakers

    17:45
    18:00
    18:15
    18:30

    Is Web3 the solution to doing a better job with data? The practicalities of returning control to consumers
    18:30 - 19:15

    One of the most fundamental tenets of Web3 is for consumers to regain ownership and control of their data. This means that they will be able to choose if and when information about them can be shared and used or even receive payments for access.

    But what practical steps do companies need to take in order to comply? Is Web3 the solution to restoring trust between consumers and brands?

    Host

    Speakers

    • Adebayo Tiamiyu, Web3 Investigations and Intelligence Expert
    • Yaser Zia, Chief Information Security Officer, Iranian Offshore Oil Company
    18:45
    19:00
    19:15
    19:30