
(ISC)² Security Congress 2021 - Career Center & Recordings

1778601 - GDPR Security Post-Mortems: 10 MORE Critical Lessons You Can Apply Now


Oct 18, 2021 4:15pm ‐ Oct 18, 2021 5:15pm



Credits: None available.

Description

Since EU supervisory authorities began GDPR enforcement, at least 600 companies and government agencies have been punished for privacy and security failures. These failures have resulted in excess of €275 million in fines, plus orders for remediation. Remarkably, only a few GDPR Articles, such as Articles 5 (Principles), 6 (Legal Basis), and 32 (Security), are consistently cited by those authorities. Moreover, in the majority of cases, the failures were attributable to basic privacy and security practices. In this follow-up to last year’s presentation, a data protection industry legal veteran will review several new post-mortems, determine what went wrong, and discuss the implications for your security and privacy program.

Learning Objectives:
  • Understand what regulators consider when issuing a GDPR-related penalty.
  • Appreciate the potential costs of mandatory remediation orders.
  • Apply these lessons for California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) compliance.

Speaker(s):

Tags: Basic

Credits

  • 1.00 - CPE
