welcome to the
play

Welcome to the Cyber Risk Insights Conference! Welcoming Remarks - PowerPoint PPT Presentation

Jul 11, 2023 •252 likes •861 views

Welcome to the Cyber Risk Insights Conference! Welcoming Remarks Rebecca Bole EVP & Editor-in-Chief Advisen Leading the way to smarter and more efficient risk and insurance communities, Advisen delivers: The right information into The

  1. Welcome to the Cyber Risk Insights Conference!

  2. Welcoming Remarks Rebecca Bole EVP & Editor-in-Chief Advisen

  3. Leading the way to smarter and more efficient risk and insurance communities, Advisen delivers: The right information into The right hands at The right time To power performance

  4. Thank you to our Advisory Board Adeola Adele, Willis Towers Watson Steve Anderson, QBE Jeremy Barnett, NAS Insurance Services Michael Bruemmer, Experian Cherie Dawson, AIG Emy R. Donavan, Allianz Christiaan Durdaller, INSUREtrust Pascal Millaire, CyberCube Analytics Prashant Pai, Verisk Analytics Catherine Rudow, PartnerRe Maeve Slattery, eBay Inc. [2018 Conference Chair] John J. Soughan, Dulles Cyber Advisors

  5. Thanks to our Sponsors!

  6. How do you stay current with the fast-changing cyber risk market? Join more than 36,000 insurance and risk professionals that accomplish this by reading Cyber Front Page News. Check your email tomorrow for an exclusive offer only available to conference attendees .

  7. Coming soon! Now featuring: • Cyber brokers • More providers – 150+! • Easier navigation • New industry commentary

  8. 2018 Advisen Cyber Guide Sponsored by:

  9. LAST CHANCE TO SUBMIT YOUR NOMINATION! Nominations close FRIDAY, FEBRUARY 16 TH at 11:45pm ET

  10. Opening Remarks Presented by our 2018 Conference Chair Maeve Slattery Director Head of Global Insurance eBay Inc.

  11. Data Breach: Still the Goliath

  12. Data Breach: Still the Goliath Aloysius Tan Product Manager Advisen Moderator

  13. Data Breach: Still the Goliath • Aloysius Tan, Product Manager, Advisen (Moderator) • Michael Bruemmer, Vice President, Data Breach Resolution Group, Experian • Kirsten Mickelson, Claims Counsel, Hiscox USA • David Navetta, Partner, Cooley LLP

  14. Data Breach: Still the Goliath Aloysius Tan Kirsten Mickelson Advisen Hiscox USA Michael Bruemmer David Navetta Experian Cooley LLP

  15. The Cost to Reputation

  16. The Cost to Reputation Lauri Floresca Partner and SVP Woodruff-Sawyer & Co. Moderator

  17. The Cost to Reputation • Lauri Floresca, Partner and SVP, Woodruff-Sawyer & Co. (Moderator) • G. Scott Solomon, Vice President, Charles River Associates • Elissa Doroff , Vice President, XL Catlin

  18. The Cost to Reputation Lauri Floresca G. Scott Solomon Elissa Doroff Woodruff-Sawyer & Co. Charles River Associates XL Catlin

  19. Thanks to our Sponsors!

  20. Afternoon Break Coming up next… GDPR: All You Need to Know

  21. Thanks to our Sponsors!

  22. GDPR: All You Need to Know

  23. GDPR: All You Need To Know Cinthia Motley Member Dykema Moderator

  24. GDPR: All You Need to Know • Cinthia Motley, Member, Dykema (Moderator) • Jon Adams, Senior Privacy Counsel, LinkedIn Corporation • Emy R. Donavan, Global Head and CUO, Tech PI and Cyber, Allianz • Pascal Millaire, CEO, CyberCube Analytics

  25. THE GDPR A HIGH-LEVEL SUMMARY OF THE ISSUES & RISKS

  26. KEY CHANGES, RISKS • Increased fines (from small to 4% global revenue) • Increased territorial scope • Heightened standards for lawful data processing • Rights of access, data portability, rectification • Rights of erasure, objection, restriction of processing • Profiling, Automated Decision-making

  27. KEY CHANGES, RISKS • Privacy by Design as the new default • Mandatory DPOs • New regulator scheme (one-stop-shop, EDPS) • 72 hour breach notification • Data mapping • Codes of conduct and certifications (?)

  28. GDPR ISSUES TO WATCH • What will the business impact (and cost) be? • How do we engineer solutions to address EU data subject rights at scale? • How do we ensure that we have a lawful basis for processing data? • What products/features are too risky for the EU market? • What do we do about data we already have in our possession? • How should data controllers and processors work together to tackle data subject requests? • Will member state data protection authorities cooperate, or will one- stop-shop fade away?

  29. GDPR: All You Need to Know Cinthia Motley Emy R. Donavan Dykema Allianz Jon Adams Pascal Millaire LinkedIn Corporation CyberCube Analytics

  30. Regulation Update

  31. Regulation Update Mark Mao Partner Troutman Sanders Moderator

  32. Regulation Update • Mark Mao, Partner, Troutman Sanders (Moderator) • Lara Forde, Vice President, Risk Management, ePlace Solutions • F. Paul Greene, Chair, Privacy and Data Security Practice Group, Harter Secrest & Emery LLP

  33. U.S. Regulation & Litigation Update Mark C. Mao, Esq., Partner, Troutman Sanders LLP F. Paul Greene, Esq., Partner, Harter Secrest & Emery LLP Lara Forde, Esq., CIPP, VP, Risk Management, ePlace Solutions, Inc. 1

  34. U.S. Regulation & Litig tigation ation Lan andsca dscape pe • State Breach Notification Law Update • NYDFS: Impact on New York & Beyond • Litigation Update

  35. State Breach No Noti tific fication ation Law aws

  36. State Breach Noti No tific fication ation Law aws Breach Notification Law Update • New Mexico = 48 th state to enact notification statute • Many states amended notification laws Common Themes • Reasonable security measures • Protection of additional types of personal information • Expanded notification requirements • Encryption exceptions • Mitigation of harm from breaches

  37. New Mexico Breac Br ach h No Noti tifica fication tion Law aw New Mexico became the 48th state to enact a breach notification law. Highlights include: • PII includes biometric information. • Risk-of-harm threshold. • 45 day notice to the state attorney general, and three major credit bureaus (for incidents affecting more than 1,000 New Mexico residents). • Exception for entities subject to the GLBA or HIPAA. • Additional data security requirements for 1) disposal of PII and 2) reasonable security measures.

  38. Delaware Breac Br ach h No Noti tifica fication tion Law aw Delaware passed the first significant amendments to its data breach law since 2005: Requiring reasonable security procedures and practices to protect residents’ • PI. • Expanding PI (passport, biometric, username/ password, medical/ health insurance information, taxpayer ID). • Adding an encryption exception for a “breach of security.” • Requiring a 60-day timeline to notify affected individuals, and the Attorney General (for breaches larger than 500 people). • Mandating 1-year of credit monitoring if the breach involves a Delaware resident’s Social Security number. Allowing substitute service when the breach enables an individual’s email to • be accessed.

  39. Illinois Breac Br ach h No Noti tifica fication tion Law aw Illinois amended its Personal Information Protection Act. Updates include: • Requiring entities that own or handle PI of Illinois residents to implement and maintain reasonable security measures. • Expanding PI (medical/ health insurance, unique biometric information, username/ password). • Requiring state agencies directly responsible to the Governor to notify the Office of the Chief Information Security Officer of the IL Dept. of Innovation & Technology and the Attorney General within 72 hours after discovery (for breaches involving 250 or more residents or aggravated computer tampering (17-53 Criminal Code of 2012). Allowing substitute service when the breach enables an individual’s email to • be accessed.

  40. Maryland Breac Br ach h No Noti tifica fication tion Law aws Maryland amended its Personal Information Protection Act. Updates include: • Expanding PI (taxpayer ID, passport, government ID number, health information, biometric data). • Providing a 45-day timeline to notify affected individuals. Allowing substitute service when the breach enables an individual’s email to be • accessed. Expanding the information subject to Maryland’s destruction of records laws. •

  41. Virginia Breac Br ach h No Noti tifica fication tion Law aw Virginia expanded its notification law in reaction to popular payroll scams. Changes include: • Including income tax information among the types of information requiring notification to the Attorney General. • Requiring employers and payroll service providers to notify the Office of the Attorney General after discovery of a breach of computerized data containing a taxpayer ID number & income tax withheld for that taxpayer. The Attorney General’s office must then notify the state’s Department of Taxation. • Note: This new amendment does not require notification to the individual taxpayers regarding a security breach involving income tax information.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Earnings Release FY 2020 & Q4 2020 Results July 30, 2020 Business Results Fiscal Year

Earnings Release FY 2020 & Q4 2020 Results July 30, 2020 Business Results Fiscal Year

Earnings Release FY 2020 & Q4 2020 Results July 30, 2020 Business Results Fiscal Year 2020 IMMEDIATE PRIORITIES 1. Ensuring the health and safety of the men and women of P&G around the world. 2. Maximizing the availability of

912 views • 40 slides
Data Driven Bug Bounty Arkadiy Tetelman (@arkadiyt) Agenda Program logistics @ Twitter,

Data Driven Bug Bounty Arkadiy Tetelman (@arkadiyt) Agenda Program logistics @ Twitter,

Data Driven Bug Bounty Arkadiy Tetelman (@arkadiyt) Agenda Program logistics @ Twitter, Airbnb Running a data driven program Methodology Questions Program Logistics - Twitter Single public program Soft launch

930 views • 20 slides
Lecture 1: Introduction to Computer Security RK Shyamasundar Aims Provide a thorough

Lecture 1: Introduction to Computer Security RK Shyamasundar Aims Provide a thorough

Lecture 1: Introduction to Computer Security RK Shyamasundar Aims Provide a thorough understanding of Policy (what are being protected) Mechanisms (authentication, authorization, auditing/monitoring, ) Attacks (vulnerabilities,

629 views • 33 slides
Sean Condon, CFP Chris Arndt, CPA Poll the A e Audi dience: What Does it Mean to Curate

Sean Condon, CFP Chris Arndt, CPA Poll the A e Audi dience: What Does it Mean to Curate

Sean Condon, CFP Chris Arndt, CPA Poll the A e Audi dience: What Does it Mean to Curate a Culture of Growth? How to C o Curate a C a Culture of of Growth Create a culture where all employees think and act like an owner.

306 views • 27 slides
STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century

STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century

STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century leverages the best combination of humans and technology to discover security vulnerabilities in our customers web apps, mobile apps, IoT

648 views • 47 slides
Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for

Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for

Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for Theoretical Physics September 13th, 2018 arXiv:1703.02093, arXiv:1703.00032, arXiv:1711.07500(w. Brian Swingle(UMD)) + some unpublished tidbits Before

644 views • 33 slides
Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org

Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org

Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org 2 whois lukas@owncloud.com 1/31/16 3 Not much other hobbies Fixed a lot of stuff Employed since 2014 Contributor since 2012 1/31/16 4 The

606 views • 56 slides
1 For the love of money is a root of all kinds of evils. It is through this craving that some

1 For the love of money is a root of all kinds of evils. It is through this craving that some

COUNTING IT ALL GARBAGE Part 5: Spending - 05.16.10 PLAY Count It All Play: Count It All Garbage Video Clip [2:00] Garbage {2:00] Intro: We re now into part 5 of this sermon series. Garbage is anything that comes between us and

659 views • 4 slides
Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for

Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for

Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for various enhancements, fixes, etc, for Tcl and/or Tcl extensions Donal referred to this as a series of Grand Challenges. Recognizing a golden

394 views • 27 slides
Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford . Smart Contract Security - The Prongs Formal Verification (+Specification)

960 views • 28 slides
Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering

Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering

Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering Senior AppSec Engineer & Team Lead @ Bugcrowd Bug bounty Hunter Video Games Bsides Vienna 2016 Agenda What & Why

365 views • 34 slides
Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA

Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA

Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA (Col),BBA Sp.Mktng (Col), PPG DIP. In Mktng (UK), MCIM (UK), Chartered Marketer (UK), Practicing Marketer (SL), ACMA, CGMA CIMA (UK), DBF (IBSL),

512 views • 30 slides
Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Phillip Kevin Lane Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships Discussion Questions 1. What are customer value, satisfaction, and loyalty, and how can companies deliver them? 2. What is the lifetime

2.16k views • 43 slides
Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for

Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for

Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for consumers Is about Affects satisfying many consumer needs entities Marketing Performed both by Entails an individuals and exchange

456 views • 23 slides
Today we will Spark your imagination Think across roles and functions Share

Today we will Spark your imagination Think across roles and functions Share

Today we will Spark your imagination Think across roles and functions Share campus-wide goals for lifelong learning 2 How do we raise lifelong learning up to our current teaching and research levels? Research & Scholarship

683 views • 20 slides
Data Collection and Systems Management 2018 CDBG-DR Problem Solving Clinic Atlanta, GA | D e c

Data Collection and Systems Management 2018 CDBG-DR Problem Solving Clinic Atlanta, GA | D e c

Data Collection and Systems Management 2018 CDBG-DR Problem Solving Clinic Atlanta, GA | D e c e m b e r 1 2 - 1 4 , 2 0 1 8 2018 CDBG-DR PROGRAM Welcome & Speakers Session Objectives Help grantees understand how to build and

538 views • 20 slides
Webinar Increase Sales and Profits With Optimized Business Intelligence Presenter: Ram Pandit,

Webinar Increase Sales and Profits With Optimized Business Intelligence Presenter: Ram Pandit,

Webinar Increase Sales and Profits With Optimized Business Intelligence Presenter: Ram Pandit, Ph.D., CEO, ADecTec Panelist: Eric Streed, CEO, Cosatron, Inc. Moderator: Craig Cates, Vice President Supply Chain, ADecTec An operations planning &

700 views • 17 slides
your contacts in one basket? Dennis Solis Site Building, April 20, 2013 Dennis Solis Over 30

your contacts in one basket? Dennis Solis Site Building, April 20, 2013 Dennis Solis Over 30

Red Hen Do you put all of your contacts in one basket? Dennis Solis Site Building, April 20, 2013 Dennis Solis Over 30 years experience as software developer. Graduate of the Drupal Career Starter program Eight months of drupal

1.41k views • 97 slides
Provider Directory Advisory Group Meeting March 16, 2016 Welcome! Introductions,

Provider Directory Advisory Group Meeting March 16, 2016 Welcome! Introductions,

Provider Directory Advisory Group Meeting March 16, 2016 Welcome! Introductions, announcements, and agenda review Welcome new members Jennifer Awa and Missy Mitchell HIMSS Debrief Scan Provider Directory Development: Research

1.04k views • 51 slides
Nuts and Bolts of CCA Formation Data Management, Customer Call Center and Customer Enrollment

Nuts and Bolts of CCA Formation Data Management, Customer Call Center and Customer Enrollment

Nuts and Bolts of CCA Formation Data Management, Customer Call Center and Customer Enrollment March 4, 2016 Drake Welch, VP Customer Care & IT 401 W. A Street, Suite 500 San Diego, CA 92101 Wk (619) 684-8039 Mobile (619) 261-2477

551 views • 5 slides
Introduction to Data Mining Umberto Nanni Seminars of Software and Services for the Information

Introduction to Data Mining Umberto Nanni Seminars of Software and Services for the Information

D IPARTIMENTO DI I NGEGNERIA INFORMATICA AUTOMATICA E GESTIONALE A NTONIO R UBERTI Master of Science in Engineering in Computer Science (MSE-CS) (MSE-CS) Seminars in Software and Services for the Information Society Umberto Nanni Introduction

168 views • 14 slides
W ELC O M E TO # W C ETW EBC A ST July 12, 2018 The webcast will begin shortly. There is no audio

W ELC O M E TO # W C ETW EBC A ST July 12, 2018 The webcast will begin shortly. There is no audio

W ELC O M E TO # W C ETW EBC A ST July 12, 2018 The webcast will begin shortly. There is no audio being broadcast at this time. An archive of this webcast will be available on the WCET website next week. C O NSO RTIUM SERVIC E M O DELS - STA

556 views • 33 slides
Information System & Database Design CS105 What is an Information System? Storage and

Information System & Database Design CS105 What is an Information System? Storage and

Information System & Database Design CS105 What is an Information System? Storage and organization of data Resource planning Customer relationship management (CRM) Patient management Information System vs. Filesystem Directory

304 views • 9 slides
Chapter 1: Managerial Accounting: Tools for Decision Making Agenda Strategy Accounting

Chapter 1: Managerial Accounting: Tools for Decision Making Agenda Strategy Accounting

Chapter 1: Managerial Accounting: Tools for Decision Making Agenda Strategy Accounting Financial vs. Managerial Accounting Maximization of Shareholder Value Planning and Evaluating a Strategy Organizations, Missions, and

500 views • 22 slides

More recommend