The GDPR applies to all fields of data driven business, and has a special relationship to cybersecurity. Implementing cybersecurity is a requirement under the GDPR, but no specific requirements are part of the GDPR. What to implement? How to determine what cybersecurity measures are appropriate and how to document such efforts for GDPR? In this talk Silvan Jongerius, Managing Partner of TechGDPR will guide you through the details.
The presentation will take a look at the typical evolvement of cybersecurity within the organization. Each of the stages will be analysed regarding its impact on how cyber risk management can be conducted and what the benefits this has. At the end, it will be outlined an alternative way on how efforts and investments in and of cybersecurity measures can focused efficiently. However, to set up the scene, a holistic picture will be developed to put this in an overall GRC context.
Schrems II - everyone has to pay attention to it, but very few have dealt with it intensively enough. Anyone who sets out on the path to Schrems II compliance will quickly notice that there are many theoretical and legal descriptions out there, but these are mostly very abstract and in most cases only help senior management. Technical descriptions and practical implementations are hard to find at the moment. We would like to close this gap with this talk and show how to deal technically with Schrems II, we will explain how to use it as an opportunity and how it is technically possible to finally achieve compliance.