Cyber Data Breach Compliance, Preparedness and Response (Melbourne)
Dr. Jodie Siganto
Ringrose Siganto
Over 25 years of experience in both legal counsel and IT security
Qualified CISSP (Certified Information Systems Security Professional) and CIPM (Certified Information Privacy Manager)
Chair of the AISA Policy Committee and AISA Education Director
Dr. Jodie Siganto is a privacy and cyber security professional with extensive consulting and training experience. Graduating as a lawyer, she spent 10 years working as an in-house counsel for computer companies in Sydney and Singapore before commencing practice as a security management and privacy expert in Brisbane in 2000. She completed a PhD at QUT in 2015, in privacy and information security law.
In addition to delivering training affiliated with leading certification bodies such as (ISC)2 and IAPP, Dr. Siganto develops and delivers a wide range of training courses in both instructor-led and online sessions. Her training courses are available publicly and include EU GDPR Compliance, ISO 27001 Overview and Implementation Guidance, Introduction to Privacy Law in Australia, CISSP Review Seminar and Cloud Computing Contracts. Dr. Siganto also develops and delivers workshops and training packages tailored to different clients’ particular requirements.
Dr. Siganto is an active academic researcher working on a variety of projects focusing on the social science aspects of security and privacy practice. Dr. Siganto has a special interest in the use of creative design techniques to help solve complex security issues, particularly those involving the interface between people and technology.
Testimonials
“I attended a seminar on Privacy Law conducted by Dr Jodie Siganto in 2015. I was impressed with her knowledge, ability to impart and relate information and to keep the attendees engaged.” - Chief Editor, Australian Women in Security (AWSN)
“Jodie was a fantastic trainer, knowledgeable and enthusiastic about the topic and with lots of real world experience and examples to draw on. I thoroughly enjoyed the training and learned a great deal.” - General Manager, ES2
Program Summary
The Privacy Amendment (Notifiable Data Breaches) Act 2017 comes into effect 23rd February 2018, including laws regarding mandatory data breach notifications – for all private companies with revenue over $3m, and for federal agencies. Penalties of up to $1.8m apply. Are you prepared? Do you know your obligations? Are you ready for the increased transparency and compliance requirements regarding data protection and privacy?
To help you deal with Australia's mandatory data breach rules and their potential consequences, protect your data from cyber breaches, and meet Europe's GDPR requirements, we would like to invite you and your colleagues to the Cyber Data Breach Compliance, Preparedness and Response Executive Program. Dr. Jodie Siganto, Chair of the AISA Policy Committee and AISA Education Director, with more than 25 years of experience in IT security and legal counsel, will walk you through the latest insights, including:
Australian mandatory data breach notification readiness & Europe's GDPR Compliance Requirement
Knowing the rules, obligations and potential consequences
Incident response preparedness
Practical steps for incident response plan testing
Data breach notifications and compliance
What to do when breached: Managing data breach notifications, and ensuring compliance with new Australian & EU regulations
Data breach case studies:
Target
Equifax
Talk Talk
CBA
Uber
Red Cross Australia
Domino’s Pizza
Dr. Siganto will also walk you through how to develop a cyber breach response capability that complies with ISO 27001 and the NIST Cybersecurity Framework. You will also be guided on the legal obligations to notify data breaches, including the relevant laws in Australia, the GDPR in the EU, the US and other jurisdictions. You will learn practical steps for effectively preparing for and responding to cyber breaches by benchmarking against the different approaches to information security incident management covered by ISO and NIST standards. By the end of the course, you will have gained insight into the major components of an incident response plan, with some of the most important issues highlighted for your consideration through real-life case studies.
Programs, dates and locations are subject to change. In accordance with Clariden Global policy, we do not discriminate against any person on the basis of race, color, sex, religion, age, national or disability in admission to our programs.
Introduction
In today's digitalized world, data is a crucial component in driving your organization toward more optimal operations and a better bottom line. However, data breaches can also have a huge negative impact on your organization, both reputational and monetary. With the recent implementation of the GDPR in May, Australian firms need to comply with this regulation or face the consequences from the authorities. It is also essential for business leaders and security professionals to avoid making critical mistakes when responding to such cyber incidents. Data protection practitioners should take an all-hands-on-deck approach to breach response in order to mitigate legal fallout, disruption to operations, tarnished customer trust and loss of crucial data.
Dr. Jodie Siganto, Chair of the AISA Policy Committee and AISA Education Director, with more than 25 years of experience in legal counsel and IT security, will walk you through the latest on the GDPR as implemented in Australia and the key takeaways to be aware of and comply with to avoid breaching the regulation. She will also cover some of the common approaches to protecting against cyber incidents and data breaches, such as ISO 27001 and the NIST Cybersecurity Framework. You will also be guided on the legal obligations to notify data breaches, including the relevant laws in Australia, the EU, the US and other jurisdictions.
You will also learn practical steps for effectively preparing for and responding to cyber breaches by benchmarking against the different approaches to information security incident management covered by ISO and NIST standards. By the end of the course, you will have gained insight into the major components of an incident response plan, with some of the most important issues highlighted for your consideration through real-life case studies.
What You Can Expect
By the end of this program, participants will be able to:
Understand the impact of common types of data breach and your data breach compliance obligations
Discover different approaches and frameworks that could assist participants to protect against cyber incidents and data breaches
Understand the legal obligation to notify data breaches, including the relevant laws in Australia, the EU, the US and other jurisdictions
Gain insights on practical steps in preparing for and responding to cyber breaches
Learn how to develop and test data breach response plans through practical exercises
Benchmark your organization’s data breach response capability against industry standards
Who Will Benefit Most
This program is designed for, but not limited to, middle to senior level professionals who are involved in IT, Information Security and Data Protection management, as well as legal practitioners. It is also relevant for risk managers, auditors, internal legal counsel and practitioners who are interested in understanding and managing legal obligations for cyber data breach-related issues.
Program Outline
Day 1 | 08:30 – 18:00
Cyber Data Breaches & Notification Obligations
Session 1: Cyber Breaches
Different types of cyber incidents
Different sources of attack
Reasons for attack
Future Directions – new vectors and types of attack
Session 2: Approaches to Cyber Security
ISO 27001 & other ISO standards
NIST Cybersecurity Framework
Other standards and approaches including PCI DSS, COBIT
Other resources for Australian businesses
Session 3: Data Breach Notification Obligations
Background – part of mitigating harm from a cyber incident
Legal obligations:
Australia
Europe under the GDPR (for controllers and processors)
US
Other jurisdictions e.g. Singapore, Hong Kong, China
Data breach Case studies:
Target
Equifax
Talk Talk
CBA
Session 4: Workshop Exercise Designed on Determining Whether a Series of Different Events Should Be Notified
Planning and developing a data breach response capability:
ISO 27035
NIST
Cyber breach response plan
Testing your plan
Session 2: Data Breach Notification Issues
What’s in the notice?
How should it be delivered?
Apology?
Other compensation?
Session 3: Data Breach Response Case Studies
Uber
Red Cross Australia
Domino’s Pizza
Session 4: Workshop: Testing Your Response
Venue: InterContinental Melbourne The Rialto
Date: 13 – 14 September 2018
Faculty: Dr. Jodie Siganto
Early Bird 1: AU$1,995 (by 16 July 2018)
Early Bird 2: AU$2,195 (by 13 August 2018)
Regular Fee: AU$2,495
Group Discount: 2nd participant gets 10%, or register 3 participants and the 4th participant gets a complimentary seat
(1 discount scheme applies)
Contact: karen.williams@claridenglobal.org