Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-aug-2018)

204 views

Published on

How do you build and sustain organisational resilience?
Beyond the cyber threats, data breaches, risks and compliance, where are the opportunities for digital transformation and innovation in a post GDPR world?

More info:
https://content.ardoq.com/ardoq-events-join_us

Event created together with Sympatico Consulting:
https://www.sympaticoconsulting.co.uk/

Published in: Business
  • Be the first to comment

  • Be the first to like this

Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-aug-2018)

  1. 1. Building Resilience in a Post GDPR World 14.08.18
  2. 2. BUILDING RESILIENCE POST GDPR 1630-16:35 Welcome 1635-1700 Integrating GDPR compliance into Security and Risk management Petteri Vainikka, Ardoq CMO 1700-17:30 Panel Discussion Sorcha Lorimer, Sympatico; Nic Miller, Aedile; Colan Mehaffey, Edinburgh University: How do you sustain organisational resilience post-GDPR? 1730-1930 Q&A Networking drinks & canapés
  3. 3. Integrating GDPR compliance into Security and Risk management Petteri Vainikka // CMO // +358 50 584 5350 // petteri.vainikka@ardoq.com RESILIENCE IN A POST GDPR WORD | EDINBURGH | AUGUST 14. 2018
  4. 4. About me • >15 years experience in mobile, internet & data technologies and their global markets • Today focusing on compliance, governance and digital transformation, CMO at Ardoq • Past 7 years within the DMP market, resulting in a ‘data perspective’ on things • Always at the intersection of new technology and its commercial application
  5. 5. We enable our customers to digitally transform. We do this by bringing business together with IT, whilst respecting data privacy and creating good governance. About Ardoq
  6. 6. Organizational complexity Rate of change Volume of data & information Digital threats Developing AI/ML capabilities Predicting omni-industry evolution towards 2020 and beyond is easy
  7. 7. Organizational complexity Rate of change Volume of data & information Digital threats Developing AI/ML capabilities An exponential challenge cannot be addressed by a linear solution
  8. 8. ”Maintenance budgets for GDPR and ePrivacy compliance are larger than initial budgets — and they’ll only get larger.” ”Fifty-eight percent have an annual maintaining budget of $1M+” (And a whopping 88% can look forward to an annual maintenance budget above $500k) ‘By year-end 2018, fewer than 50% of companies affected will be compliance- ready.” ”More than 60% of large organizations will have a privacy management program fully integrated into the business by 2021.” ”Technology business unit leaders responsible for compliance platforms should consider AI applications to ease process complexities.” Sources: Forrester Research (December 2017): Embrace The GDPR To Gain A Competitive Edge & Gartner Analysis (March 2018): Market Insight: Address GDPR Compliance With AI Applications
  9. 9. ”More than 60% of large organizations will have a privacy management program fully integrated into the business by 2021” Source: Gartner Analysis (March 2018): Market Insight: Address GDPR Compliance With AI Applications
  10. 10. Business Operating System Source: Presentation by Lars Jørgensen, Chief Digital Officer at Aera Payment & Identification at Gartner Enterprise Architecture and Technology Innovation Summit London 2018: Digital journey in fintech – lean EA in dynamic regulated market ”privacy management program fully integrated into the business”
  11. 11. Source: Presentation by Lars Jørgensen, Chief Digital Officer at Aera Payment & Identification at Gartner Enterprise Architecture and Technology Innovation Summit London 2018: Digital journey in fintech – lean EA in dynamic regulated market Corporate Strategy Service Architecture Application Architecture Risk & Compliance Control BOS: Seamless flow across corporate strategy to eGRC
  12. 12. Organizational complexity Rate of change Volume of data & information Digital threats Developing AI/ML capabilities An exponentially scaling solution is to look at organizations as data
  13. 13. THANK YOU! It’s the DATA we care about and how it’s CONNECTED
  14. 14. Enterprise Intelligence Graph for Compliance, Governance, and Transformation We call the solution
  15. 15. GDPR & Security and Risk management as data We call it Data Driven Compliance
  16. 16. Why address the GDPR as data?
  17. 17. Why address the GDPR as data? Because It is only one of many Source: Regulatory compliance landscale of Norway based Aera Payment & Indentification, offering omni-channel retail payment and identification services to merchants Finansforetaksloven Finansavtaleloven IKT-forskriften Betalingssystemloven Markedsføringsloven E-handelsdirektivet
  18. 18. GDPR as graph data
  19. 19. Of course to most of us, the graph will rather manifest itself like this
  20. 20. Split into domains Managed by domain experts The #1 challenge: How to actually execute?
  21. 21. Delegated ownership, integrated analysis Business Architect Information Architect Chief Risk & Compliance Officer Lawyer/ Ext. DPO Source: Presentation by Lars Jørgensen, Chief Digital Officer at Aera Payment & Identification at Gartner Enterprise Architecture and Technology Innovation Summit London 2018: Digital journey in fintech – lean EA in dynamic regulated market
  22. 22. ENTERPRISE ARCHITECTURE - REALIZE YOUR DIGITAL ROADMAP - Enterprise Intelligence Graph for Compliance, Governance, and Transformation ADOQ SURVEYS
  23. 23. …then connect data dimensions that matter • Deploy and operate multiple bite-sized and understandable models that fit the domain needs instantly • Compose your holistic architecture of smaller architectural subsets • Connect information across layers and models, evolve and expand your metamodel over time organically • Syndicate for overview and more extensive dependency analysis as your security and compliance architecture grows • Unleash graph querying to analyze complex vulnerability and impact relationships
  24. 24. If I had more time, I would have written a shorter letter. – Blaise Pascal, 1657 Original quote in French: Je n’ai fait celle-ci plus longue que parce que je n’ai pas eu le loisir de la faire plus courte.
  25. 25. Data classification
  26. 26. Data storage and use
  27. 27. Threat modeling
  28. 28. Threat modeling
  29. 29. Risk modeling
  30. 30. Risk management
  31. 31. Risk management
  32. 32. REPRESENT YOUR ORGANIZATION AS DATA Analyze and model change, trigger real-time augmented notifications, and address eGRC dynamically NEW SECURITY ARCHITECTURE IS DATA-DRIVEN RE-USABLE EASY TO UNDERSTAND CROWD SOURCED
  33. 33. Petteri Vainikka // CMO // +358 50 584 5350 // petteri.vainikka@ardoq.com Experience more at https://ardoq.com
  34. 34. PANEL DISCUSSION How do you sustain organisational resilience post-GDPR? Colan Mehaffey, The University of Edinburgh Sorcha Lorimer, Sympatico Digital & Data Consulting Nic Miller, vCISO, Aedile Consulting Facilitator: Ralph Natter Berg, Ardoq
  35. 35. QUESTIONS?
  36. 36. Networking drinks & Canapés Stay in touch & find out more about how we can help with Digital, GDPR, Privacy risk & Security: ardoq.com aedileconsulting.com sympaticoconsulting.co.uk Thank you.

×