Information and Cyber Governance, Data Analytics
Transcription
Information and Cyber Governance, Data Analytics
√ Program Organizer: PANEL: From the Government: Scott W. Bauguess A Complimentary, Invitation-Only Breakfast and Educational Briefing Third Annual: Information and Cyber Governance, Data Analytics and Privacy Briefing Identifying, Protecting and Responding to Today’s Growing Internal and External Risks Deputy Director and Deputy Chief Economist, Division of Economic and Risk Analysis, U.S. Securities and Exchange Commission, Washington, D.C. David C. Shonka Principal Deputy General Counsel, Federal Trade Commission, Washington, D.C. Other Faculty: Courtney Barton Senior Counsel, Global Privacy, Hilton Worldwide, Inc., Washington, D.C. Mary Ellen Callahan Partner, Jenner & Block, Formerly, Chief Privacy Officer, U.S. Department of Homeland Security, Washington, D.C. Emily Stapf Forensic Technology, PwC, Washington, D.C. SPECIAL FEATURE: Game of Threats™ March 18, 2015, 9:00 a.m. – Noon The National Press Club, Sanjay Subramanian (Moderator) Partner, PwC East Region Forensic Services Analytics Leader, PwC, Washington, D.C. Benjamin A. Winter General Counsel, Commercial Markets, Information Systems & Global Solutions, Lockheed Martin, Bethesda, MD 529 14th St. NW, Washington, D.C. Cooperating Program Developer: Who Should Attend? General Counsel; C-Level Executives including Chief Risk Officer, Chief Privacy Officer, Chief Data Officer, CIO, CISO; Outside Counsel; Boards Enterprise Risk Explodes to New Frontiers… The confluence of data breach issues, the need to have robust response mechanisms and the urgency of having in place comprehensive information governance and cyber governance programs are now top priorities for C-suite executives, general counsels and their advisors. In particular every company needs enhanced internal controls to prevent, correct or act upon data breaches in a timely manner. This Conference offers a roadmap to constructing an effective plan in a world where companies have more information and data than ever before and the threat risk is higher than ever. Data is at the heart of how companies run businesses… and what hackers want Our panel, comprised of experts from the corporate, legal and advisory sectors, will address in a highly practical fashion how you should rethink assessment and implementation of policies and standards for digital information and attendant risks. The general counsel today needs to be digitally literate with an understanding of business opportunities and risks related to the explosion of data. Who else should be on the team to manage digital information and risk and determine information policies and implementation? It also is particularly critical to be able to value data and risk of loss. Few organizations can afford to have a high wall of protection or analytics surrounding every data set so knowing what you have, where it is and how it is protected now and the impact if it is attacked and/or compromised is key to decision making. Policies now have to encompass the reality that a great deal of a company’s information may also be outside the enterprise--with suppliers, dealers and customers and in the Cloud or on the Internet for business management and transaction purposes. What should be your requirements for partners and third parties and how do you ensure compliance? These are the kinds of issues we will deal with throughout each topic on the agenda. √ All the while, you also need to be cognizant of the growing internal threats to any organization and how they are minimized, monitored and mitigated. In sum this meeting promises to be an extremely valuable morning of education, idea sharing and updates on the very latest thinking and approaches of companies in many sectors. SPECIAL FEATURE: Game of Threats™ New virtual teaching tool to test, improve cybersecurity skills Major cybersecurity breaches make headlines—and nightmares for companies—on a regular basis. As incidents multiply in frequency and cost, the cybersecurity programs of U.S. enterprises must be strengthened to rival the persistence and technological prowess of sophisticated cyber adversaries. Game of Threats™ provides a virtual training ground in which executives and their advisors and teams can sharpen their cybersecurity skills and become battle ready as cyberattacks intensify. The game challenges players to make quick, high-impact decisions with minimal information. This high-pressure environment helps executives and counsel assess their readiness to respond to a breach and practice striking the right balance between taking action and ensuring that the necessary cybersecurity resources are available and properly used. Players also learn to manage the opposing forces of offense and defense over a sustained period of time. TOPICS FOR DISCUSSION: 8:30 a.m.–9:00 a.m. Breakfast & Registration; 9:00 a.m.–Noon Program I. Information/Data/Cyber Governance and the Risk Landscape A. Who is on the team and responsible for managing threats? Responsibilities of General Counsel, Chief Risk Officer, Head of Privacy, Chief Data Officer, CIO, CISO, the Board B. Management of digital rights and crisis management responsibility. C. Regulatory and enforcement rules and standards around data quality, data security and cybersecurity D. Operational and implementation issues E. Cyber threat and theft of trade secrets, sensitive information F. Mergers, acquisitions and divestitures / ownership of information assets G. Value of risk assessment H. Legal Hold and defensible disposition in the Cloud TOPICS FOR DISCUSSION continued II. A. B. C. D. E. F. G. The New World of Big Data Understanding numerous data formats including structured and unstructured data Maximizing business opportunities using big data; innovative uses of data analytics Minimizing business risk using data analytics Leveraging big data; special issues around ownership, use of big data in the Cloud Managing, manipulating and organizing data, data mining, data archiving 1. Data archives grow at 59% annual rate last year. How should you prepare for this huge year-on-year expansion? 2. Uses of big data including information security risk assessment and monitoring risks, investigations, e-discovery 3. Storage of large amounts of data (costs for storage, organizational risks to keeping this data on hand, how to plan for retention and disposition during the design phase) Understanding how government regulators and prosecutors are using big data Change Management 1. Culture of compliance: key changes in practice at the supervisory and employee levels 2. The necessity of change management for implementation of information governance programs 3. Special topics in change management: social media, mobile applications, BYOD, and the Cloud III. Privacy Considerations. What Information is Collected? A. Privacy protection of data; U.S. and E.U. enforcement 1. Status of E.U. data protection directive and exposure to laws in member states 2. F.T.C. regulatory and enforcement initiatives 3. State notification laws B. Identifying and responding to privacy breaches C. Intersection of cybercrime, cyber security, cyber preparedness and privacy D. Compliance based approaches, policy enforcement; using data analytics to protect personal information E. Reconciling data protection, data innovation and privacy F. Information gathering and privacy concerns; embedding privacy protection in systems; special practices of trade secrets and sensitive information G. Managing data risks and privacy when dealing with social media, BYOD, mobile applications, and the Cloud √ Registration Form: Complimentary Breakfast Briefing THIRD ANNUAL INFORMATION AND CYBER GOVERNANCE, DATA ANALYTICS AND PRIVACY BRIEFING: Wednesday, March 18, 2015, 9:00 a.m. - Noon The National Press Club, 529 14th St. NW, Washington, D.C. Name: Title: Company/Firm: Address: City: Phone: Email: State: Zip: Return Registration Form to: lisacolombo@sandpiperpartners.com OR fax to 973-278-8833. Breakfast and Registration – 8:30 a.m. – 9:00 a.m. CLE/CPE credit has been applied for. Cooperating Program Developer: About PwC: PwC’s Cybersecurity Consulting Services help organizations understand dynamic cyberchallenges and breach/ incident indicators to stay one step ahead of the threat actors, adapt and respond to risks inherent in their business ecosystem, and prioritize and protect the most valuable assets fundamental to their business strategy. We’re a member of the PwC network of firms in 157 countries with more than 184,000 people. By delivering innovative solutions today that help identify and protect against future threats, we enable organizations to adapt and respond to the dynamic cyber-risks inherent in doing business in a globally interconnected ecosystem. For more information on PwC’s cybersecurity point of view, visit: www.pwc.com/cybersecurity. Program Organizer: About Sandpiper Partners LLC: Sandpiper Partners is an educational consulting firm run by industry advisors Stephen and Lynn Glasser. Sandpiper Partners is a pioneer in presenting educational conferences on cybersecurity and cybercrime to help businesses cope with the need for information in this rapidly changing world. www.sandpiperpartners.com