SESSION 2 – Challenges in Data Privacy and Cyber-Security
Day 1 | Thursday, November 10, 2016
Codru VRABIE, Anti-Corruption Expert (Funky Citizens)
The Cyber Future: Security and Privacy Challenges
Rob CLYDE, Board Director (ISACA)
At a breathtaking pace new technology arrives that amazes us – yet also scares us in some fashion. At the same time attackers are becoming more innovative and not only stealing and selling information, but also holding data and systems for ransom. Security becomes more challenging and privacy may be doomed. Security, risk and assurance professionals struggle to keep up and have to fight the natural instinct to just say “no” to new things. It seems like there is hardly a device or function that can’t be connected to the Internet. This Internet of Things collects all kinds of data. The cloud gives new power to quickly spin up new workloads and scale with business needs. Big Data and AI provide insights that are enabling amazing new ways to improve efficiency, reach customers, cure cancer and diseases, and predict outcomes. Augmented reality and artificial intelligence applications create new security and privacy implications. New technologies enable governments, criminals, and just about anyone to easily spy and gather information.
Data Privacy Program
Maria MAXIM, Senior Manager (EY Romania, Fraud Investigation & Dispute Service)
Protection of personal data and cyber security become a top priority of each business entity in the context of digital era. The new EU General Regulation on Data Protection approved in April 2016, after 12 years of negotiations on the data privacy reform, provides certain consistency mechanisms, through a closely cooperation between the national data supervisory authorities. Every data controller or processor within the European Union has to adapt its data privacy approach for the personal data related projects. The principle of accountability increases a clear point of focus in the business relationship of the data controller and the data processor: both of them need to closely cooperate each other in safeguarding the personal data, remaining jointly liable towards the data subject for any potential data security incident, or any other breach of data subject’s rights. Eventually, we shall ask ourselves: Is the consent of data subject enough for every processing of his or her personal data? Certainly not! Therefore, the implementation of appropriate safeguarding measures, along with an end to end data privacy process flow, shall not be diminished in their significance. In details, this is to be found out in the field operations, following a thorough analysis case by case, pursuing the relevant guidance offered by a robust data privacy program, and a business specific data privacy impact assessment.
Dimensions of Data Privacy
Mihai G. POPA, Country Head of Law, Patents and Compliance (Bayer, Country Group Romania/Bulgaria/Moldova)