This document summarizes key aspects of the EU General Data Protection Regulation (GDPR) which takes effect on May 25, 2018. It notes the global reach of the law, expanded definitions of personal data, increased individual rights, and roles and responsibilities of data controllers and processors. Statistics are presented on European companies' readiness, including that only 34% of EU websites and 67% of German websites are compliant. The document outlines actions required to comply with individual rights requests, security breach notifications, regulatory audits, and includes a checklist for compliance steps.
State of cybersecurity report 2020- Post Covid 19 - HarryJake1
How strong is your cyber response? Post COVID-19 has changed how we work, shop, and interact. Lockdowns accelerated the rise of remote work, which was already gaining traction within many industries.
Recommendations on information security practices to balance compliance between anti-money laundering and privacy at the eCompliance Academy. Changes triggered by the new 6th Anti Money Laundering Directive and how its provisions impact GDPR compliance.
Addressing analytics, data warehouse and Big Data challenges beyond database ... - Chris Doolittle
The biggest challenge of managing analytics, data warehouses and Big Data is keeping up with dynamic business demands:
Rapidly changing usage patterns
Growing data variety, volumes and complexity
Increasingly resource intensive visualization tools
And expanding compliance and security demands
At the same time, business executives are expecting more value from analytics, data warehouses and big data. This presentation, by Tim Gorman, Oracle ACE Director and information management expert, demonstrates how companies leverage Teleran’s innovative Usage Analytics and Management Controls to get more business value from their analytics, data warehouses, and big data. Tim presents real-life case studies on how Teleran’s unique software addresses usage issues that can not be resolved by traditional database monitoring solutions. See this presentation and learn how organizations:
Establish a holistic picture of activity to quickly troubleshoot and resolve usage issues that you can’t visualize with database oriented tools only
Track what data is important to the business to ensure productive applications and resource efficient use
Leverage usage metrics from the user, application and query/report perspective to effectively communicate with, manage, and succeed with your business users
Identify and automatically address wasteful user behavior and inefficient analytical and application use
Is Ukraine safe for software development outsourcing? - N-iX
Many companies that are looking for a software development outsourcing company in Ukraine wonder if the destination is safe in terms of politics, economy, business climate, and information security.
We’ve completed the guide that covers all these aspects and will hopefully help you make well-weighed conclusions.
Recent high-profile hacks have pushed cybersecurity towards the top of the agenda for law firms, which represent a honeypot of confidential information for hackers to exploit. This infographic explores some of the notable hacks of recent years, the biggest vulnerabilities for firms, and the extent of leaked legal documents on the dark web - Provided by Raconteur
An Overview of the new GDPR regulations including:
• Data Protection Frame Work
• GDPR – Responsibilities
• GDPR – Changes
• GDPR - Exemptions
• GDPR – Rights
• Penalty
• Ten High Level Steps
Six Key Components to Achieving GDPR Security Requirements - Jeff Katanick
With a deadline of May 25, 2018, organizations are searching for an all-encompassing solution for GDPR readiness and compliance. Optiv is strategically positioned to assist organizations with the cyber security components of the GDPR regulation.
The first year of GDPR started slow, but companies and regulators alike are picking up speed. Our new infographic shows GDPR’s first year by the numbers.
https://www.synopsys.com/blogs/software-security/first-year-gdpr-infographic/
What is GDPR, the EU's new data protection law? What is the GDPR? Europe's new data privacy and security regulation consists of hundreds of pages' worth of new requirements for companies around the world. This GDPR summary can help you understand the law and determine what parts of it apply to you. The General Data Protection Regulation (GDPR) is the toughest privacy and security regulation in the world.
Benchmarking Your GDPR Compliance: Will You Make the Grade? [TrustArc Webinar... - TrustArc
Watch the webinar on-demand: https://info.trustarc.com/benchmarking-gdpr-compliance-webinar.html
Register now to watch this on-demand webinar to learn:
- How companies are approaching the GDPR
- Where they are prioritizing their effort
- How much they expect to spend
- These benchmarks can help you position your own program internally and build a case for further investment.
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
Who Will Make the Grade?
With less than one year to go before the GDPR is enforced across Europe, how has the industry responded to the GDPR requirements and how many companies will make the grade by May 2018? Recent TrustArc research conducted by Dimensional Research found that over 61% of companies have not even started their GDPR Compliance programs. Of those that had started - the three challenges cited most by the privacy professionals surveyed were difficult to maintain and update privacy programs (57%), lack of appropriate tools and technology (56%), and lack of internal resources (54%).
2020 Global Privacy Survey: Emerging Trends, Benchmarking Research and Best P... - TrustArc
In May 2020, TrustArc conducted a comprehensive Global Privacy Benchmarks Survey of more than 1,500 senior executives, privacy office leaders, privacy team members, management, and full-time employees outside the privacy function. The survey findings include benchmarking data on how companies are managing their privacy programs, how they are complying with privacy requirements, and how new technologies are impacting existing practices.
Join this webinar to see how you stack up against your peers and gain insights into how companies are addressing the formidable challenges of privacy in 2020.
This webinar will review:
-How companies’ priorities and strategic approaches to data security and privacy are evolving and the most challenging elements of privacy management
-CCPA compliance readiness and key challenges
-The expected impact of COVID-19 and new technologies on the privacy function
Geek Sync: Database Auditing Essentials: Tracking Who Did What to Which Data ... - IDERA Software
You can watch the replay for this Geek Sync webcast, Database Auditing Essentials: Tracking Who Did What to Which Data When, on the IDERA Resource Center, http://ow.ly/ZhLF50A4rEi.
Increasing governmental and industry regulation coupled with the need for improving the security of sensitive corporate data has driven up the need to track who is accessing data in corporate databases. Organizations must be ever-vigilant to monitor data usage and protect it from unauthorized access.
Each regulation places different demands on what types of data access must be monitored and audited. Ensuring compliance can be difficult, especially when you need to comply with multiple regulations. And you need to be able to capture all relevant data access attempts while still maintaining the service levels for the performance and availability of your applications.
In this webinar, Craig Mullins will discuss these issues and present the requirements for auditing data access in relational databases. The goal of this presentation is to review the regulations impacting the need to audit at a high level, and then to discuss in detail the things that need to be audited, along with pros and cons of the various ways of accomplishing this.
Speaker: Craig Mullins is president and principal consultant of Mullins Consulting, Inc. where he focuses on data management strategy and consulting. He writes the monthly DBA Corner column for Database Trends & Applications magazine. With over three decades of experience in all facets of database systems development, he has worked as a programmer/analyst, a DBA, an industry analyst, a software executive and a consultant.
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides] - TrustArc
Watch the webinar on-demand: https://info.trustarc.com/best-practices-for-managing-individual-rights-under-gdpr-webinar.html
Insights and best practices for managing individual rights under the GDPR.
The GDPR introduces new individual rights for consumers such as the right of deletion, rectification and data portability - and non-compliance can lead to the highest level of fines. Many regulators are planning consumer campaigns that are likely to increase awareness and action on these new data subject access rights once the GDPR comes into effect on May 25th. What are your obligations? What volume of requests should a company prepare for? What best practices and tools are available to support these new requirements?
This on-demand webinar will provide insights and best practices for managing individual rights under the GDPR.
#trustarcGDPRevents
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
"If we're leaving the EU, does GDPR even matter?" And other FAQs - Tech Data
As the GDPR looms, Microsoft and Tech Data help to clear the fog for your business by answering your burning questions surrounding this intimidating regulatory change.
Teleran Data Protection - Addressing 5 Critical GDPR Requirements - Chris Doolittle
Learn how to quickly and cost effectively meet 5 critical General Data Protection Regulation (GDPR) requirements for structured data with Teleran's Data Protection and Compliance solution. Teleran's solution addresses these key GDPR mandates: Impact Assessments, Purpose Limitation, Data Security, Accountability and Documentation, and Breach Notification. Teleran’s software solution delivers integrated sensitive data discovery, audit and controls. There is little time left to address GDPR. Flexibility, automation, integration and flexibility are key to getting there quickly and cost efficiently.
The Countdown is on: Key Things to Know About the GDPR - Case IQ
The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25th. This powerful legislation strengthens data privacy laws in Europe and has implications for companies all over the world that store, process or transfer the information of the EU’s citizens.
Failure to comply with the regulation can expose a company to fines based on global revenue and reputation damage, yet many companies are struggling to comply in time.
Join information security expert and CEO/Founder of AsTech Consulting, Greg Reber, as he walks participants through a plan for GDPR compliance.
This talk was presented at the NULL/OWASP Delhi chapter meet in November 2017. It acts as an introduction to GDPR (General Data Protection Regulation) for security professionals.
GDPR is the most significant change to data protection in a generation and an imminent global issue that will dominate data privacy, management and regulation discussions in 2017. According to recent research, over half of businesses lack preparedness for GDPR. With a quarter of the EU’s grace period over and with fines of up to €20 million (or 4% of global turnover), there is a lot at stake for companies falling behind the May 2018 deadline. So, where do you start?
Join renowned information security consultant and GDPR expert, Brian Honan, along with Tim Erlin, Senior Director, Security and IT Risk Strategist at Tripwire as they walk you through the essential steps to accelerate your GDPR preparedness.
In this session you will learn:
• The key facts about the GDPR regulations
• The implications of the new rules and how they will impact your business
• Practical steps your business can take to prepare
• How your existing security frameworks (ISO/NIST/CSC) can help set the foundation
• How Tripwire can help
An overview of GDPR data privacy and the impact on traditional information security practices, which was presented at SecureWorld Dallas, October, 2017
Operational impact of gdpr finance industries in the caribbean - EquiGov Institute
A brief outline of the challenges that could be faced by financial institutions with the implementation of the GDPR and recommendations to mitigate them.
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx - jeanettehully
THE IMPACT OF GDPR ON GLOBAL IT POLICIES
Abstract
The General Regulation of the EU on Data Protection (GDPR) provides essential safeguards in the field of privacy, which offer new challenges and potential opportunities for organizations worldwide. However, worldwide organizations must make GDPR compliance changes to minimize GDPR liability. This editorial preface discusses the benefits and threats of the effect of GDPR on global technology growth. We also speak about how China and the US, the two world economic giants, could respond more effectively to GDPR threats and possibilities.
Introduction
The GDPR, which became law on May 25, 2018, is a data protection law that establishes rules on the collection, storage, and management of data of persons living in the European Union (EU, 2016). This legislation applies to all individuals residing in the EU. To satisfy the new demands on privacy raised by digital technology advancement, the new law increases EU data protection. Although the GDPR also covers EU citizens, it has a global impact that impacts every EU business entity that provides services or keeps data regarding EU nationals, which are personally identifiable.
GDPR offers users with a broad degree of control to be overlooked, including the right to withdraw permission. In the same period, the information controllers and processors, including data protection, are required to record all their processing activities by the layout and by necessity. GDPR notes that businesses must seek the customer's permission for data collection and 'implementing successful technological and functional measures' to protect personal data for EU citizens (Kaushik et al. 2018).
In May 2018, the European Union adopted a General Data Protection Regulation, which drew a specific conclusion regarding the world's most detailed and common law on data security, with substantial and unexpected consequences on multinationals. In the months before it began, both inside and outside of Europe, businesses failed to adhere. However, as many as 80% of the firms concerned were still short of this goal on the eve of enforcement.
A year on, businesses continue to work to achieve full conformity with their newly founded regulations. The government will be more confident. Data processing and the processing of complaints in most European countries have doubled, although businesses of all sizes develop violations and associated penalties practices and processes.
The non-conformity to GDPR was held accountable by organizations that process data belonging to EU citizens. GDPR offers a new obstacle, as well as potentially stricter security measures, protocols, and procedures to protect, handle and maintain your data and ensure compliance with GDPR, technology firms, and providers of cloud services, data centers, and advertisers. Afterward, we were probably subjected to s ...
IAPP Canada Privacy Symposium- "Data Retention Is a Team Sport: How to Get It... - Blancco
From the IAPP Canada Privacy Symposium in May 2017. This is the full upload of Blancco Chief Strategy Officer Richard Stiennon's presentation, "Data Retention Is a Team Sport: How to Get It Right."
In this Accenture document we explore the implications, challenges and impacts of the General Data Protection Regulation (GDPR) as well as touching on the opportunities this regulation creates for financial services firms. Learn more: https://accntu.re/2uq8ANV
General Data Protection Regulation (GDPR) ControlCase
ControlCase discusses the following:
- What is GDPR?
- How will it impact me?
- How can I become compliant?
- What is the timeline?
- What are consequences if not met?
GDPR and NIS Compliance - How HyTrust Can Help - Jason Lackey
GDPR (EU 2016/679) and NIS are intended to strengthen data protection for people in the EU, replacing Directive 95/46/EC. Learn how HyTrust can help with compliance.
cloudThing GDPR Information Guide - Scott Jenkins - Cloud Thing
cloudThing General Data Protection Regulation (GDPR) Information Guide - Covers a brief background on the new legislation, the latest updates, evolving threats, corporate data breaches, what's changing and key opportunities for businesses.
Presentation for Russian startups as a mentor at the PWC Russia Accelerator program powered by Yellow Rockets. Talked about main aspects of horizontal growth: the right timing, preparation, issues investors pay attention to.
Presentation as part of the Design IT Legal founder team on emerging trends in the field of privacy, product and UX design: privacy-conscious users, privacy enhancing technologies, privacy-aware product design.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova... - Ramesh Iyer
In today's fast-changing business world, companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GraphRAG is All You need? LLM & Knowledge Graph - Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... - James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
EU General Data Protection Regulation
1. EU General Data Protection Regulation
Women Techmakers Berlin
16 May 2018
2. Major changes
Global reach
Broad definition of Personal Data
More Individual Rights
Data Processor and Data Controller roles
Higher standard of accountability
Significant monetary fines
Final Countdown to ... GDPR (c) @MiraNova, Medium.com
3. Some statistics
34% of EU websites are GDPR ready*
67% of them are from Germany
*out of 2500 European websites
(c) www.vpnMentor.com
4. GDPR Benchmarking Survey*
≈ 60% of companies do not know their data contents and data lifecycles
more than 40% of companies incorporate privacy by design
90% of companies use (mostly or in part) consent for data processing
76% of controller-processor contracts incorporate GDPR in some way
78% don't obtain separate consent for different processing operations
* benchmarking of 223 predominantly multinational corporations
(c) 2nd Global GDPR Readiness Report by CIPL & AvePoint, March 2018
5. More statistics
17 out of 24 EU countries report that their regulators don't yet have the necessary funding or initially lack the power to enforce GDPR*
4 out of 28 EU countries adopted special laws on data privacy (Germany adopted special legislation)
*(c) European regulators: We're not ready for new privacy law, Douglas Busvine, Julia Fioretti, Mathieu Rosemain, Reuters.com, 08 May 2018
8. Data subject requests:
delete my account
give access to my data
transfer my data to XYZ
Data Controller actions:
Respond in due time, within 1 month max. by either:
accommodating the request; or
taking more time to respond (max. 2 more months) if:
* the request is manifestly unfounded or excessive;
* an exemption applies; or
* proof of identity is needed before considering the request.
9. Personal data breaches:
access by an unauthorised 3rd party;
sending personal data to an incorrect recipient;
devices with personal data are lost or stolen;
loss of availability of personal data...
Data Controller actions:
Notify the regulator asap, within 72 hours, if there is risk to people’s rights and freedoms
Notify affected individuals asap (72hrs), if there is high risk to individuals' rights
Deal with the breach, keep the regulator & individuals up to date
10. Regulatory authorities:
reactive measures, i.e. reaction to complaints - investigations
proactive measures to ensure compliance with GDPR - audits
General response - accountability:
Data Controller/Data Processor must show technical & organisational measures in place to comply with GDPR
11. Checklist
Map your data
o what data is collected
o for what purpose is it collected,
o how is it distributed or processed internally
o where, for what purpose, on what basis is it forwarded to 3rd parties
Get necessary consents
o granular: for each data processing operation
o sensitive data: separate consent
Update privacy statements for your customers
Update data processing clauses in the contracts with your business partners
Have at least one person in your team who understands the GDPR to help you deal with requests, regulatory audits and data breaches
Prepare & document a plan with deadlines showing steps & efforts to comply with GDPR
12. Thank you
Dr. Mira Suleimenova, LL.M.
medium.com/@miranova
www.linkedin.com/in/mirasuleimenova
mira.suleimenova@gmail.com