How-to: Industry and NIST Collaboration. Cybersecurity Maturity and Risk Reduction Frameworks

Against the backdrop of our increasing dependency on digital solutions, this session will consider different risk management approaches with special attention to the widely adopted NIST framework and approaches to using commercial cybersecurity to achieve important standards.. With practical applications in mind, our presenters will share how RSA leverages the power of NIST’s federally funded…

Risk Assessments in a Global Regulatory Landscape

The global regulatory landscape for privacy and security continues to become increasingly complex, and it is changing the type and gravity of risks that organizations face. What should organizations be doing to carry out their privacy and security risk assessments in today’s world? Neva DePalma, General Counsel, Vice President of Customer Success, Privacy Officer, Radar…

Translating International Privacy Law Requirements into Prioritized, Risk-Based and Sustainable Operational Practices

Privacy professionals are increasingly challenged to not only stay on top of privacy developments in an ever-changing international regulatory environment but also to turn them into operational procedures and be ready to demonstrate compliance to regulators or their boards. Not everything will get done and knowing the best way to prioritize and make risk-based decisions…

Between a Rock and Hard Place: Competing Obligations Under the CLOUD Act

In the recently enacted CLOUD Act, Congress made it clear that the Stored Communications Act would extend outside the U.S. A number of open questions remain, however, about the sometimes conflicting demands of U.S. and non-U.S. law for cloud data stored outside the U.S. In addition, the international trends towards data localization continues. This session…

What is Old is New Again: ePrivacy GDPR, and CCPA–2019 and Beyond

As the Wall Street Journal reported on its front page at the end of February, third party mobile app SDKs collect data in unexpected ways and in ways that may be “personal data” or “personal information” under applicable law. The ePrivacy directive and, more recently, the CCPA, present real challenges to companies engaging in advertising,…

International Breach Response – Above and Beyond the Law: How to Balance Legal Compliance, Cultural Competence and Leverage All Your Cross-Border Resources

Coordinating an international breach response involves a complex matrix – multivariate laws, diverse experts, different languages, cultures, and commercial sensitivities. This panel will explore how to discharge legal obligations across disparate jurisdictions, controlling the message across business units all over the world, all while delivering on commercial standards and meeting cultural expectations. Particular focus will…