New Regulations and the Next Steps

  • TYPE: Combined Session DATE: Friday, September 21, 2018 TIME: 11:30-12:30 LOCATION: Emerald 3


Since May 25th 2018 the General Data Protection Regulation is in force, many companies are still struggling with implementing effective risk assurance programs that constitute a key requirement for any sensible cybersecurity and compliance strategy.

Without full and clear visibility into the true company-wide risk posture, executives are bound to have massive difficulties understanding and communicating their current cybersecurity and compliance standing compared to their peers as well as the industry’s guidelines and best practices. Unprepared to address a potential data breach, they are inevitably going to face all the grim consequences, which, since this May, are now very expensive. 

This panel will discuss the necessary ingredients for creating a risk management framework for holistic cyber risk governance and talk about the needed steps to help bridge the information sharing and communication gaps between business functions after GDPR enforcement.


After having worked as a technology and digital media lawyer in one of the most renowned law firms for technology law with a strong focus on data protection, Tim has recently taken over the role as Head of Legal at HRS Group, a global hotel solutions provider, and has in this role been heavily...

Blockchain lawyer, advocate and entrepreneur investor with over 30 years of legal, risk, operations and SEC experience who has returned to private law practice in Vermont to help drive blockchain technology innovation across industries and governments.  David is proud to be supporting...

Principles of data privacy and cybersecurity converge when organizations exchange, transfer and process sensitive information. And, the more sensitive the data collected, including health-related data and biometric data, the more likely that an entity will need to comply with heightened regulatory requirements.

As if striking the balance between data privacy and cybersecurity were not enough, a cross-border data exchange is further complicated by the sometimes conflicting regulations between the US and international jurisdictions. The heightened regulatory environment within the European Union, with the forthcoming General Data Protection Regulation (GDPR), drastically changed the way businesses maintain and exchange data from within the EU. In addition to the EU, China and Australia have also enacted data protection regulations that will impact domestic data practices. This presentation will explore this intersection of converging domestic and international data obligations and its effect on creating efficient and secure data management practices that meet the needs of the business. Discussion will focus on how businesses can resolve potentially conflicting obligations in a reasonable and responsible manner.

Key takeaways

1. The US is increasingly becoming an outlier in data protection and cybersecurity frameworks. Companies needs to look beyond the US borders to understand new privacy-oriented trends.
2. Privacy and security are no longer a siloed business decision. With the GDPR and related regulations going into effect, all facets of a business need to be aware of privacy and security concerns.
3. Businesses need to take into consideration the international flow of data, the chain of custody of data, and the technologies impacted data in order to create a robust risk mitigation strategy.


Log in to download the presentation:  


Session Links

Seattle, USA


Consumer Identity World USA 2018

Registration fee:
€1200.00 $1500.00 S$1920.00 13200.00 kr
Mastercard Visa American Express PayPal
Contact person:

Ms. Lauren Zuber
+49 211 23707725
  • Sep 19 - 21, 2018 Seattle, USA