GMT |
Tuesday 29th November 2022 |
09:00 |
Preparing for the UK’s GDPR and PECR Reforms 09:00 - 09:45
Data protection practitioners in the UK have had a rocky couple of years. From Dominic Cumming's 2018 comments on "binning" the "idiotic" GDPR, to the TIGRR Report, the DCMS consultation and the now possibly-binned Data Protection and Digital Information Bill.
Uncertainty is the only certainty in UK data protection landscape. As such, this panel will consider the current possibilities and help you prepare for the future of GDPR and PECR in the UK.
Host
Speakers
- Simon Pillinger, Head of Governance, Ethics and PPI, Akrivia Health
- Katie Hewson, Partner, Stephenson Harwood LLP
- Fay Godfree, Data Privacy Officer, Siemens Healthineers
- Eleonor Duhs, Partner, Head of Data Privacy, Bates Wells LLP
|
09:15 |
09:30 |
09:45 |
10:00 |
Bridging Borders: How to Manage International Data Transfers 10:00 - 10:45
Personal data can be an organization's most valuable, but also riskiest type of data. This data is governed by an ever-evolving regulatory landscape as reflected by the complexity of managing cross-border data transfers. Most recently the Schrems II case which has highlighted the direct conflict between US surveillance law and EU data protection. It is now, in the Golden Age of Data, that privacy professionals ask - how do we maintain a global data-driven economy while ensuring that it is not at the expense of the rights and freedoms of individuals?
This session will cover:
- Regulatory drivers impacting how organizations handle international data transfers
- Step by step guidance on how to conduct a Transfer Impact Assessment (TIA) and key considerations for streamlining processes
- Relevant measures to put in place to mitigate risk and ensure regulatory compliance
Speakers
|
10:15 |
10:30 |
10:45 |
11:00 |
That’s The Way The Third-Party Cookie Crumbles: The Future of Online Marketing 11:00 AM - 11:45 AM
As a sector, digital marketing has long been beset by compliance issues and has been subject to a great deal of high-profile enforcement action.
As Google finalises its plans to phase out third-party cookies, the company claims its new approach to ad-targeting will be more privacy friendly. But is this true? And what about considerations beyond privacy—most notably Google's market dominance?
This session will explore the future of online marketing and consider the implications for various stakeholders in the sector.
Speakers
|
11:15 |
11:30 |
11:45 |
What is ESG, how does it work and why is privacy such a key driver for Trust and the shareholder community 11:45 - 12:30
Speakers
- Steve Wright, CEO & Founder, Privacy Culture
- Belinda Doshi, Head of Legal, Data & IP at Lloyds Banking Group
- Graham Thomas, Privacy Director at KPMG, CIPP/E
- Lawrence Kivlin, Senior Data Security and Privacy Manager (DPO), Aegon UK
- Nicola Aliperti, Data Protection Officer Coca-Cola Europe, The Coca-Cola Company
|
12:00 |
12:15 |
12:30 |
Data Rights Management: Creating a Seamless, Efficient and Compliant Process 12:30 - 13:00
Data subjects are becoming increasingly aware of their data rights (Article 15) through to automated individual decision-making (Article 22). The challenge is, how do data controllers continue to meet the increasing demand for such requests.
This session will explore how a fully automated, self-service solution will improve your organisation's data rights management processes and significantly reduce costs.
Host
Speakers
|
12:45 |
13:00 |
Draft EU Legislation You Need to Know: AI Act, Cyber Resilience, Data Act and More 13:00 - 13:45
The GDPR changed the data protection sector immeasurably. But other upcoming EU laws could be equally significant in other ways.
This session will help ensure you are aware of what's coming next in the European regulatory landscape.
Host
Speakers
|
13:15 |
13:30 |
13:45 |
14:00 |
Turning a Hacker's Toolkit Against Them - Sponsored by Egress 14:00 - 14:45
Toolkits make a hacker’s life easy and democratize cybercrime. These kits are constantly evolving, but it is imperative that defenders understand how they work so that they can create defenses to protect their organization.
Join Egress' VP of Intelligence, Jack Chapman and Senior Director of Global Market Strategy, Duncan Mills, as they present the findings from their latest research into the tools that support the early stages of an attack:
-
Reconnaissance – the latest tools an attacker uses to discover what security controls their target has in place.
-
Weaponization – guided walk through of how easy tool kits are to acquire and how they are used.
-
Delivery – toolkits for the dominant threat channel, email.
Speakers
- Duncan Mills, Senior Director Global Market Strategy, Egress Software Technologies
- Jack Chapman, VP of Threat Intelligence, Egress Software Technologies
|
14:15 |
14:30 |
14:45 |
15:00 |
Could Meta Really Pull Out of Europe? The (Unintended?) Consequences of International Data Transfer Rules 15:00 - 15:45
Schrems II affected many companies' ability to transfer data from the EU to the US. Meta has repeatedly stated that an order to stop transfers could force the company to stop offering Facebook and Instagram services in Europe.
Could this be true, or is it a bluff? Could Meta change relocate its infrastructure to keep EU users' data in Europe—and if so, would this actually solve the problem?
This panel will explore this controversial topic through the lens of data transfer rules.
Host
Speakers
|
15:15 |
15:30 |
15:45 |
16:00 |
OT and IT: Differences, Controls, and Key Integration Points 16:00 - 16:45
We all know IT - the laptops, phones, applications, and cloud applications we use at work and home, that manage information. Systems that run industrial systems – electric utilities, gas pipelines, water systems, and manufacturing plants – are Operational Technology (OT).
OT cyber protection has many differences from IT – different systems, threats, requirements for managing vulnerabilities, and especially implications of a significant incident. Cyber incidents often require close coordination of IT and OT security domains.
During this session, we’ll explore some of the unique characteristics of OT environments, critical controls for OT cyber security, and key integration points between IT and OT security that streamline investigations and incident resolution.
Speakers
- Jan Hoff, Principal Industrial Incident Responder; Dragos, Inc.
- Kai Thomsen, Director, Global INcident Response Services; Dragos, Inc.
- Trish McGill, SME Cyber Security IT/OT, Self
|
16:15 |
16:30 |
16:45 |
17:00 |
Who Would be a Chief Privacy Officer? Pressures, Workflow and Future Trends in the Role 17:00 - 17:45
The role of Chief Privacy Officer (CPO) has existed since the early 90s, but CPOs have become increasingly commonplace as companies use more personal data in increasingly innovative—and sometimes risky—ways.
CPOs are tasked with coordinating technical and legal teams in a fast-paced regulatory landscape, and are responsible for what can sometimes be a company's most valuable asset—data.
This session will bring together CPOs from leading companies to discuss their day-to-day and explore how the role is evolving.
Speakers
|
17:15 |
17:30 |
17:45 |
18:00 |
Security Lessons From the Year’s Biggest Hacks 18:00 - 18:45
Every year, high-profile security incidents make headlines—and 2022 has been no exception.
From Uber to Optus, this year's biggest data breaches have had major impacts on the companies and individuals they affect. But analysis of these incidents can teach privacy and security professionals a lot about how to keep systems and data safe.
This session will examine some of 2022's most significant security incidents, and consider how we can learn from them.
Host
Speakers
- Susanne Bitter, Digital Security GRC Analyst - Business Partner Security, BP
|
18:15 |
18:30 |
18:45 |
19:00 |
Understanding US Privacy Law Developments: State Patchwork, FTC Rulemaking and Federal Law 19:00 - 19:45
US privacy law was once relatively simple for most companies not handling sensitive data. With a patchwork of comprehensive privacy state laws, an increasingly busy federal regulator, and an ever-more privacy-conscious general public, this is no longer the case.
This session will bring together experts in US privacy law to assess the current landscape—to help ensure you understand your responsibilities, wherever your company is based.
Host
- Julia Mehlman, Assistant Vice President & Associate Counsel, Data Privacy, L'Oreal
Speakers
|
19:15 |
19:30 |
19:45 |
20:00 |