Resources

The toughest part of being an information security leader is justifying for security spend. Companies that do not spend enough start to build up cybersecurity debt. And when a serious breach happens, they find themselves in a situation where they have to pay down that massive debt, including interest.

The EU General Data Protection Regulation is the first comprehensive overhaul of European Union data protection rules in 20 years. What is the impact on businesses in Asia? What is the territorial scope, and controller and processor obligations? This session will discuss these intricacies and more.

India does not have a specific legislation dedicated to data protection and privacy. Presently, the Information Technology Act and the Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules provides to a limited extent data protection and privacy in India.

With the explosive growth of devices, we are introducing more vulnerabilities into the digital environment, and enterprises are facing increasing cyber risks. How can organizations engage the White Hat community to find security vulnerabilities as an additional layer of cyber defence?

Macau, as a hub of increasing importance for service providers and international brands, poses specific challenges in data privacy compliance, especially in the transfer to outside of Macau of personal data collected within. In this session, get an understanding of the complex set of requirements and exceptions.

With the increased requirements around data breach notifications, companies need an effective response plan to limit the impact of a data breach incident. This session will discuss practical insights in conducting a data breach investigation using a walkthrough of a data security incident.

The Philippine Data Privacy Act was enacted in 2012, but its Implementing Rules and Regulations were only issued this year and became enforceable on September 9, 2016. This session will give an overview of the rules including its scope, general principles, rights of the data subject, general requirements and penalties.

The current technological landscape, including the cloud and Internet Of Things, is leading to a new trend for privacy policies. Conventional access control practices are not suitable anymore for their implementation. New approaches are required to enforce all the security requirements with digital privacy policies.

In Hong Kong, there are no specific requirements in relation to data breaches. However, the Commissioner has recently issued a Guidance Note which, together with recent cases, have provided guidance as to suggested good practices. How do you handle data breaches appropriately and to minimize risk of prosecution?

New Zealand's Privacy Act is over 23 years old. While we wait for a new Privacy Act, there are interim amendments, other legislation and initiatives, and a Privacy Commissioner who is taking a stronger line with enforcement and proactively addressing privacy issues through education and encouraging compliance.