PrivSec New NormalW

 

Premium Sponsor

PrivSec New Normal W

 

Our agenda

PrivSec New Normal delivers a content-rich schedule
of keynotes, panel debates and presentations.

 

Save your seat

16 November - Stream 1

View the agenda

BST Tuesday 16 November 2021
09:00

Welcome Address
09:00 AM - 09:15 AM;

09:15

Monitoring Staff Working From Home: Privacy Considerations
09:15 AM - 10:00 AM

Concerned about the impact of remote work on productivity, some organizations are monitoring their staff as they work from home—sometimes to a greater extent than they were in the office.

What are the legal considerations when tracking employees’ browsing and working habits in their own home? Is such activity even legal under data protection laws like the GDPR? And could any productivity gains justify the intrusion on people’s privacy?

Speakers

09:30
09:45
10:00

What COVID-19 Has Taught Us About Phishing
10:00 AM - 10:45 AM

COVID-19 brought panic, uncertainty, and a shift towards remote work: the perfect storm for a huge wave of phishing and other social engineering attacks.

As rates of coronavirus begin to ease off in some parts of the world, scammers will need to find new ways to persuade employees to click a phishing link or download a malicious payload.

Our panel will discuss the lessons on phishing since early 2020: What tactics work best to mitigate phishing? What motivates social engineering scammers? How can organizations move toward a more secure post-pandemic workplace?

Speaker

Dr. Cédric Krummes, Information Governance Officer, High Speed Two (HS2) Ltd.

10:15
10:30
10:45

Transfers Under a Microscope: Impact and Third Country Assessments - Sponsored by OneTrust
10:45 AM - 11:15 AM

2021 began full of anticipation for the release of two key documents: the European Commission's finalized standard contractual clauses, and the European Data Protection Board's finalized guidance on supplementary measures.

Since their arrival, organizations have been working hard to operationalize them, but challenges remain regarding the particular assessments of third countries that must be undertaken as well as understanding the risk and impact of all transfers at large.

In this session, we share a step-by-step guide to undertaking a Transfer Impact Assessment (TIA), the considerations when conducting Third Country Assessments (TCA), and the relevant measures that can be put in place to mitigate risk and ensure regulatory compliance.Understand the operational impact for organizations. Outline the necessity and considerations of the assessment of third countries. Breakdown the steps data importers and exporters can take to protect and enable transfers

Speaker

11:00
11:15

Morning Break
11:15 AM - 11:45 PM

11:30
11:45

Contact-Tracing Apps: Have They Helped, and Should We Keep Using Them?
11:45 PM - 12:30pm

Early in the pandemic, contact-tracing apps were seen as a key way to fight COVID-19.

Some countries, like Singapore and China, developed invasive apps to track people’s movements and behavior. Governments in Europe and the Americas mainly relied on the less intrusive Apple/Google Bluetooth framework.

More than a year into the use of such apps—which, if any, work best? How far should we be willing to sacrifice privacy and autonomy in the name of public health? And how long should contact-tracing apps remain a feature of society as we emerge from the pandemic?

Speakers

12:00
12:15
12:30

Could vaccine passports threaten privacy and drive inequality?
14:15 PM - 14:45 PM

Evidence increasingly confirms that COVID-19 vaccines are effective. But a substantial portion of society continues to be hesitant about getting their shots.

Vaccine passports could be a way to mitigate the impacts of COVID-19 and help contain the spread of the disease. But some are worried about denying access to travel or facilities to unvaccinated people.

Furthermore, vaccine passports have provoked privacy concerns. Should people be expected to share their health data with an increasingly broad range of actors—from border guards to nightclub security staff?

Our panel will discuss the ethical and social dimensions of vaccine passports: Could vaccine passports create a new social divide? Are we balancing privacy and freedom properly? And is there a secure and privacy-preserving solution to this problem?

Speakers

12:45
13:00
13:15

Afternoon Break
13:15 PM - 14:15 PM

13:30
13:45
14:00
14:15

The UK's Post-Brexit GDPR Reforms: What to Expect, How to Adapt
14:15 PM - 14:45 pm

After leaving the EU, the UK retained the GDPR in its domestic law and earned its EU adequacy. But more recently, the government has suggested that the UK will diverge dramatically on data protection and privacy.

Along with appointing a new Information Commissioner, the UK plans to set up its own adequacy network to enable the liberal flow of personal data around the world. The government has also announced plans to eliminate cookie banners—plans that could have a significant impact on digital advertising.

But are these plans realistic? How could they be implemented? Is the UK putting its existing EU data flow arrangements at risk?

Our panel will explore how should businesses that trade in—or with—the UK should adapt to the data protection "new normal".

Speakers

14:30
14:45

Sponsor Led Session
14:45 PM - 15:15 PM

More details coming soon

Speakers

15:00
15:15

How Has the Pandemic Changed Consumer Privacy, and How Should Businesses Respond?
15:15 PM - 15:45 PM

Confined to their homes, consumers have become more dependent than ever on their devices—and have spent more and more time being monitored and targeted by big tech firms.

But the public conversation on privacy has changed markedly over the past year and a half.

Apple’s pro-privacy marketing drive has captured the public imagination. WhatsApp’s data processing changes sparked widespread concern. And privacy-enhancing apps and products are increasingly mainstream.

What’s the direction of travel for consumer privacy? How should businesses respond? And can privacy-oriented companies thrive in this new environment?

Speakers

15:30
15:45

Afternoon Break
15:45 PM - 16:15 PM

16:00
16:15

Ensuring Security in Hybrid Work Environments
16:15 PM - 17:00 PM

Work from home, return to the office—or both?

Hybrid work environments, where employees are spread across remote and office-based workplaces, are becoming increasingly common as the lockdown/re-open cycle continues.

What are the main security considerations for hybrid work environment? How can organizations adapt their security regimes to protect employees and assets as they transition to hybrid work?

Speakers

16:30
16:45
17:00

Identity and Access Management: Restoring Control Post-Pandemic
17:00 PM - 17:30 PM

The pandemic dramatically increased the use of cloud computing and cloud storage. Businesses are likely to continue to rely on the cloud in the “new normal” working environment.

The pivot to cloud technology brings new challenges, particularly in identity and access management (IAM). Many organizations found themselves dealing with IAM—and navigating the associated risks and complexities—for the first time.

Moving forward, how can organizations ensure their IAM processes are safe and secure? Can zero trust technology play a role? How can security teams ensure that employees are taking IAM security seriously?

Speakers

  • Yasmin Hinds, Global Privacy Lead & Legal Counsel, Pontoon Solutions
17:15
17:30

Closing Remarks
17:30 PM - 17:40 PM

17:35
17:40

16 November - Stream 2

View the agenda

BST Tuesday 16 November 2021
09:00

Welcome Address
09:00 AM - 09:15 AM;

09:15

Adapting to the New Normal: Practical Insights from Privacy and Data Protection Professionals
09:15 AM - 10:00 AM

The immense change and challenges brought about by 2020 and 2021—with increased data collection, new security threats, and a more privacy-conscious public—have brought many changes to privacy and data protection professionals.

PrivSec New Normal will bring together a panel of professionals to discuss how their roles have evolved since the start of the pandemic, and how they are meeting the challenges brought about by the new normal

Speakers

09:30
09:45
10:00

12 Fundamental Principles of Supply Chain Security: Essential Steps to Mitigate Third-Party Risks
10:00 AM - 10:45 AM

Supply chains are growing, and so are the associated privacy and security risks. Poor supply chain vulnerability management exposes your company to upstream risks—and can threaten every business and consumer downstream, too.

Our panel will explore 12 principles of supply chain security, and consider how you can implement them into your organisation's practices.

Speaker

To be announced, More to follow

10:15
10:30
10:45

Sponsor Led Session
10:45 AM - 11:15 AM

More details coming soon.

Speaker

11:00
11:15

Morning Break
11:15 AM - 11:45 PM

11:30
11:45

How to Build a Privacy Culture Across a Hybrid and Remote Work Environment: The Importance of Communication and Training
11:45 PM - 12:30pm

Could it be said that hybrid and remote working is now simply "work"? With so many new staff starting that management will meet irregularly, how do you best build a culture of privacy across your company in this kind of environment. This panel will discuss the need for superior communication, what needs to be transmitted, and how important a system of training is to instill this culture across the team.

Host

Speakers

12:00
12:15
12:30

Why Many UK Businesses Must Continue Following EU Data Law
12:30 PM - 13:15 PM

The UK's EU adequacy condition comes with strings attached: The EU will expect the UK not to diverge significantly from EU data and privacy law. And UK businesses operating in the EEA must apply the EU's high standards to data subject.

With important pieces of legislation on the horizon (such as the the ePrivacy Regulation, the AI Act, and the Digital Services Act), UK companies need to be aware and proactive. From regular internal assessments to building a privacy framework, this panel will explore ways UK companies can remain aware, react and ensure they remain compliant.

Speakers

12:45
13:00
13:15

Afternoon Break
13:15 PM - 14:15 PM

13:30
13:45
14:00
14:15

Data Subject Access Requests (DSARs) in the UK's Reform Proposals: How Could the Changes Affect Your Business?
14:15 PM - 14:45 pm

The UK government's desire to "reduce burdens on businesses" involves a reform to one of the GDPR's most significant provisions: data subject access requests (DSARs).

If enacted, the reforms would require data subjects to pay for DSARs, and would lower the threshold at which a controller could refuse a request.

PrivSec New Normal will explore the nature and implication of these proposals: Is it fair to reintroduce fees for data subjects? Will this significantly many reduce compliance burdens, given that the rules for EU-based data subjects will remain the same? How can you prepare to leverage this change and reduce the costs associated with DSARs?

Speakers

  • Nicholas Foster, Head of Information Governance & GDPR Group Data Protection Officer, Caretech Holdings Plc
14:30
14:45

Sponsor Led Session
14:45 PM - 15:15 PM

More details coming soon

Speakers

15:00
15:15

Cybersecurity: Harnessing Machine Learning to Prevent and Mitigate Cyberattacks
15:15 PM - 15:45 PM

By anticipating and actually responding to threats in real-time, machine learning can provide powerful and user-friendly cybersecurity solutions.

This panel will explore the importance of AI and ML to the future of cybersecurity and explain how ML solutions can prevent attacks rather than simply mitigating them.

Speakers

15:30
15:45
16:00
16:15

A "Post-Schrems" UK: Will the Government's GDPR Proposals Make Data Transfers Easier?
16:15 PM - 17:00 PM

Which parts of the UK government's GDPR reforms will pass into law? It's too soon to say. But in the area of international data transfers, the UK's intentions have been clear for some time.

The government has plans to add up to ten countries—including the US—to the UK's "adequacy" list, and even proposes to allow organisations to "create their own transfer mechanisms". But if this new regime is too liberal for the EU, it might cost the UK its adequacy decision—which could cause data transfer compliance obligations to increase.

Our panel will make sense of the UK's proposals and consider how businesses can prepare.

Speakers

16:30
16:45
17:00

The UK's GDPR and PECR Proposals: A Brexit Bonfire of Rights or a Sensible Reform?
17:00 PM - 17:30 PM

This panel will be an open, honest discussion between professionals who either (a) believe that the proposals announced by the Department for Digital. Culture, Media and Sport will weaken our data protection and privacy rights, or (b) believe Brexit offers opportunities for divergence from EU law and that these will not unduly tip the balance too far in favour of data controllers.

Speakers

17:15
17:30

Closing Remarks
17:30 PM - 17:40 PM

17:35
17:40