2017 - Data Privacy and GDPR (v1.1)

Rui Miguel Feio, Senior Technical Lead at RSM Partners
Delivering the best in z services, software, hardware and training.
Delivering the best in z services, skills, security and software.
Agenda
• Introduction
• Data Privacy and Data Protection
• The Business of Data
• Companies and Data Privacy
• General Data Protection Regulation (GDPR)
• What Should You Do?
• Q&A
Who am I?
RUI MIGUEL FEIO
• Senior Technical Lead at RSM Partners
• Based in the UK but travels all over the world
• 18 years' experience working with mainframes
• Started with IBM as an MVS Sys Programmer
• Specialist in mainframe security
• Experience in other platforms
Data Privacy and Data Protection
The UK Data Protection Act
The Data Protection Act controls how your personal information is used by organisations, businesses or the government.
Everyone responsible for using data has to follow strict rules called ‘data protection principles’.
https://www.gov.uk/data-protection/the-data-protection-act
European Commission
http://ec.europa.eu/justice/data-protection/
The Business of Data
• On a daily basis Google processes around 24 petabytes of data
• This data is then stored and sold for advertising
• A study published by the Wall Street Journal on Facebook:
– Each long-term user is worth $80.95
– Each friendship is worth $0.62
– A profile page is worth $1,800
– A business page and associated ad revenues are worth $3.1 million
A Ponemon Institute study for 2016 sponsored by IBM:
– Average total cost of a data breach is $4 million (up 29% since 2013)
– Average cost per record breached is $158, but it ranges from:
• $355 for health care organisations
• $221 for financial institutions
• $172 for retail industries
– 26% is the likelihood of a breach happening over 24 months
https://www-03.ibm.com/security/infographics/data-breach/
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
https://www.webpagefx.com/blog/general/what-are-data-brokers-and-what-is-your-data-worth-infographic/
“It knows who you are. It knows where you live. It knows what you do.”
New York Times
Companies and Data Privacy
Privacy Policy / Terms & Conditions
“[…] a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties”
Google’s legal team
General Data Protection Regulation (GDPR)
GDPR Overview
• General Data Protection Regulation to be enforced on 25 May 2018
• This regulation will impact any business, whether based in the EU or not, that holds the personal data of EU citizens.
• GDPR is driven by two serious threats:
– Reputational damage
– Monetary fines (up to €20m max or 4% of total worldwide annual turnover, whichever is higher)
• Mandatory for businesses of over 250 employees to appoint a Data Protection Officer (DPO).
• GDPR has several rules such as ‘the right to be forgotten’
http://www.eugdpr.org/
The Brexit and GDPR
• 1 in 4 companies in the UK have stopped preparing for GDPR
• “If you process data about individuals in the context of selling goods or services to citizens in other EU countries then you will need to comply with the GDPR, irrespective as to whether or not the UK retains the GDPR post-Brexit.” *
• 84% of financial services firms are not prepared for GDPR**
* http://www.eugdpr.org/gdpr-faqs.html
** 2016 Egress article
What Should You Do?
• Take data privacy and data protection seriously!!
• Prepare for GDPR (better late than never…)
• Identify, review, control and protect the data you store
• Classify your data
• Nominate “owners” responsible for the data
• Take security seriously!!
• It’s not about when or if you’ll be hacked, it’s about what you will do when you are!
The 2016 study concluded:
– Appointing a CISO saved $7 per record
– Involving Business Continuity Management saved $9 per record
– Participation in threat sharing saved $9 per record
– Extensive use of encryption saved $13 per record
– An incident response team saved $16 per record
Questions?
Contact
Rui Miguel Feio, RSM Partners
ruif@rsmpartners.com
mobile: +44 (0) 7570 911459
www.rsmpartners.com
www.linkedin.com/in/rfeio