Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
Privacy Focus Group – 18 February 2020 – DPA in favour of cooperation with CSC
19 February 2020 – Cyber Security Coalition
At a very well attended Privacy Focus group meeting, Data Protection Authority chairman David Stevens provided more insight into the DPA’s strategic plan 2020-2025 and this year’s management plan. Priorities include a focus on sectors as telecom and media, public sector, direct marketing sector, education and SMB (KMO/PME). This does not mean they are in line for more enforcement, but rather for support and help. Other points of action relate to the GDPR implementation cycle and proactive attention to societal challenges. While requesting funding to hire more people, David Stevens strongly supports cooperation with platforms such as the Cyber Security Coalition, as “we cannot do it all by ourselves.”
A GDPR compliance challenge was highlighted by Roeland Lembrechts’ “Shadow IT and GDPR” presentation (Sirius.Legal). Shadow IT includes all ‘non-ICT approved’ information technology used by employees. Uncertainties regarding GDPR compliance leave employers open to privacy infringements, as they remain ultimately liable as controller. Exceptions are very few, including the employee becoming controller through data processing on his or her own initiative, or liable because of fraud or negligence. His advice: embrace shadow IT, clear up the shadow and provide good policy, participate by buying into it, as well as monitor and manage.
On the picture: David Stevens, Chairman of the Belgian DPA
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.