| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
JD, MBA, BS, CISSP, FIP, CIPM, CIPP/US4 Paul Ave., Kendall Park, NJ Street Address
(Street Address ) 635-2226 EMAIL AVAILABLE https://LINKEDIN LINK AVAILABLE Portfolio: https://Candidate's Name .wordpress.com/Differentiators:Information Security + Privacy + GovernanceCISSP + (IAPP- FIP, CIPM, CIPP + AI Certs -Governance) + (Expertise gained at 8 Multinational orgs)Of the 5 common CISO archetypes for this role, (Executive, Engineer, GRC Guru, Technician and Builder), I am a GRC / Builder and cross-functional governance driven CISO/DPO/CPO SME. I have a 9-time proven ability to scale cybersecurity, privacy, data protection and AI governance programs in harmony, at scale, across 100+ countries to 36,000+ employees. Whereas most individuals have not had the benefit of learning lessons from working in 9 global enterprises or whereas they have been restricted to interpretation to the detriment of operationalizing, or have had no cross-functional exposure as CISO, CPO, DPO, Sr. Cybersecurity SME, and have been limited by jurisdiction and a single technology footprint, I however have built and matured 8 privacy, information security GRC and AI governance programs without breach, and assisted 1 global enterprise, specifically for post-breach work. My unique cross functional expertise has been delivered for the entirety of the c-suite ( GCs, CPOS, DPOs, CIOs, CTOs, CDOs and CISOs).Strengths: Operationalizing Cyber Risk, Information Security Governance, Privacy-Data Protection, Insider Threat, Incident Response, AIprompt engineering and risk identification, Generative AI Model Considerations & Vulnerability reviewsSecurity & AI framework : NIST AI Risk Management Framework, NIST 800-53, ISO PHONE NUMBER AVAILABLE, 27701:2019, NY Shield, NYDFS 500, OWASP,NERC, Breach and Attack Simulation MITRE ATT&CK frameworkPrivacy framework expertise: EU(GDPR + EU regs), USA (CCPA, CPRA, VCDPA, UCPA), PCI, CAN-SPAM, TCPA, CASL, Privacy Shield, HIPAAPrivacy Tooling expertise: GRC: Archer, Metric Stream, ZenGRC, Unified Compliance Framework, OneTrust, Nymity TrustArc, DPOrganizer, Integris, BigIDSecurity & Data Protection Tech:BIGID, Microsoft Cloud Access Security Broker (CASB), QRadar, Radarfirst, Alation, Microsoft O365 Safety & Compliance Center, Azure Rights Management, Microsoft Purview and MS data protection technologies, Splunk, Sumo LogicEDUCATIONDegree-JD, School-Stetson (Doctoral Degree)Degree MBA, School-Rutgers Graduate School of ManagementDegree-BS, School-Rutgers University Cook College, NJTrainings-See Complete list of 260+ security, privacy & AI trainings attachedCERTIFICATIONS & LICENSESSecurity Certifications:Certified Information Security System Professional (CISSP) 2015Privacy Certifications:IAPP-Fellow of Information Privacy (FIP) 2017IAPP-Certified Information Privacy Manager (CIPM) 2014IAPP-Certified Information Privacy Professional (CIPP/US) 2014Licensed :New Jersey Bar (1999)DC Bar (2019)Certifications & Training In ProgressOneTrust: Assessment Automation ExpertOneTrust: Consent & Preference Management ExpertOneTrust: Data Mapping ExpertOneTrust: Data Discovery ExpertOneTrust: Assessment Automation ExpertOneTrust: Data Subject Requests ExpertOneTrust Incident Response ExpertCertified Cloud Security Professional (CCSP)Certified Ethical Hacker (CEH)SumoLogic TrainingAI CertsAI GOVERNANCE DATA PROTECTION TRAINING AREAS001.01.00-GEN AI FOUNDATION MODEL CONSIDERATIONS001.01.01-Generative AI Use Cases001.01.02-Question About Foundational Model001.01.03-Privacy or Intellectual Property.001.01.04-Data Availability.001.01.05-Quality & Accuracy.001.01.06-Effort to build001.01.07-Security001.01.08-Costs001.01.09-Committees001.03.10-Day-to-day usage001.05.00-GENAI-SOFTWARE USING GENERATIVE AI001.05.01-Use Case-Reputation Mgmnt001.07.00- LIFECYCLE OF GENERATIVE AI PROJECTS001.07.01-Stages001.07.02.01-Improvement Processes Highly empirical (experimentative001.07.02.02-(Improvement Processes)-RAG (Retrieval augmented generation)001.07.02.03-(Improvement Processes)-Fine Tuning001.09.00-ALGORITHMIC SYSTEM CONSIDERATIONS (005)001.09.01-Design Considerations001.09.03-Data Considerations001.09.05-Development001.09.07-Deployment001.11.00-Task Analysis Of Jobs001.11.01-Automation opportunity identification001.11.03-Augmentation vs Automation001.90.00-TEAMS TO BUILD GENERATIVE AI SYSTEMS010.00.00-VULNERABILITIES, RISK & MITIGATION CONSIDERATIONS010.01.00-GENERAL AI RISKS010.01.01-Data Poisoning:010.01.02-Model Theft:010.01.03-Transparency, and Accountability010.01.041-Bias and Discrimination:010.01.042-Bias and Discrimination-Possible bias during RLHF (Reinforcement L...010.01.05-Model Security:010.01.06-False Results, aka AI Hallucinations010.04.00--LEGAL RISKS010.04.01-GDPR-Right To Erasure010.04.02-Algorithmic Disgorgement & Destruction010.05.00-CYBER SECURITY RISKS010.05.01-(CyberSec Risks)-PROMPT MODEL VULNERABILITIES010.05.01.01-Injection Risk010.05.02-AI Attack Tactics & Techniques010.07.01-Mitigation -Training Tactics- Reinforcement Learning From Human Fee...010.90.01-CYBERSECURITY TOOLING040.00.00-LLMs040.01.00-LLMS - Generating Text using LLMS040.02.00-LLM Potential Tasks (Not definitive)040.03.00-LLM Limitations040.04.00-How LLMs Follow Instructions040.05.00-CHOOSING AN LLM MODEL040.05.01-Model Size040.05.02-Closed Source or Open Source040.07.00-TOOL USE AND AGENTS VIA SOFTWARE040.90.00--PROMPTING TIPS FOR LLMS050.00.00-Image Generation (Diffusion Model)060.00.00 Artificial General IntelligenceAWARDSDPO Group Avanade 2019 Data Protection Officer Rockstar AwardCISO Group Avanade 2019 CISO Incident Response Superhero AwardEXPERIENCEPosition : Cybersecurity Post Incident SME (Contract)Company: Infosys LtdDates: January 2024 to March 1, 2024Location: City-Remote, State-NJAdvising during 3-month period focused on post-breach crisis managementManaging data subject notifications, CISO and enterprise communications, direct client notificationsAdvising on cyber litigation and privacy data breach driven SLA and contract claims and notification strategiesContributing to knowledge needed for attorney general, regulator and securities exchange interactionsManagement of forensics reporting artifacts and related disclosure strategiesPosition: Cyber Risk, Compliance, and Data Privacy SME To GC, Compliance, CISO (Contract)Company: YahooDates: January 2023 to December 2023Location: City-Remote, State-NJLead 95+ teams over 1 year to mature/establish a data protection controls GRC program via an enterprise-wide impact assessment effort across YahooDeveloped customized cyber risk reduction and data protection privacy engineering advisory across the Yahoo technical ecosystem with particular emphasis in data science, ML, AI systemsContinuous Improvement SME served as the subject matter expert (SME) collaborating with Legal, Compliance, CISO and AI/Analytics teams to mitigate privacy and data protection engineering control risk.Position: Data Protection Officer-(Interim)Company: Lucira Health (Medical Device Startup) Dates: May 2022 to August 2022Location: City-Remote, State-NJImplemented a global information security and data protection privacy program from the foundation.Managed the drafting of global Data Transfer Addendums, Standard Contractual Clauses, Privacy Statements, and Cookie Notices.Managed multi-country outside counsel and provided product counseling for the multi-country launch, ensuring compliance with NIST, ISO and local data protection security frameworks and alignment with HIPAA, GDPR, CCPA, PIPEDA.Counseled product security and privacy for multi country launchServed as the sole data protection security expert, creating budgets, and operationalizing various heavy lift initiatives, including:DLP (Data Loss Prevention) implementation.Acting as a Microsoft Data Protection Subject Matter Expert (SME) and utilizing data protection technologies.Implementing MCAS (Microsoft Cloud App Security) privacy measures.Conducting data discovery and managing SIEM detection for insider threat data protection.Establishing GRC (Governance, Risk, and Compliance) foundational programs and a WISP (Written Information Security Program).Addressing security obligations under Standard Contractual Clauses and distributor agreements.Conducting HIPAA Security Risk Assessments and utilizing MS and AWS Safety and Compliance technologies.Providing expert guidance to a 300-person company on NIST, ISO 27001, GDPR, CCPA, CPRA, PIPEDA, HIPAA, and local privacy and data protection laws.Developing and operationalized privacy program, and budget including:Incident response program.ROPA (Records of Processing and Inventory) program.Cookie technology program.Consent and preference management program.Individual Rights Response program, including DSAR (Data Subject Access Request) lookup methodology.Privacy and data protection research program.PIA/DPIA (Privacy Impact Assessment/Data Protection Impact Assessment) assessment automation and mitigation efforts.Data mapping and data flows.Privacy program product launches.Established both CPO (Chief Privacy Officer) and DPO (Data Protection Officer) offices.Ensured accuracy of security representations in global data transfer addendums.Drafted legal documents for lawful transfer mechanisms, including SCCS (Standard Contractual Clauses), DTA (Data Transfer Agreements), and DPPs (Data Protection Provisions).Implemented a retention program (technology and methods).Utilized Trust Arc and OneTrustGenerated Alation data catalog.Provided guidance to various business groups on privacy concerns.Utilized Big ID for data discovery and policy generation.Position: Data Protection Privacy Subject Matter Expert (SME) to CIO & GC (Contract Advisory)Company: The Clorox CompanyDates: April 2021 to March 2022Location: City-Remote, State-NJData Protection PrivacyAdvised the complete rebuilding of the data protection and privacy program in Target Process Online.Served as the sole data protection and privacy SME, focusing on maturing the technical implementation and engineering underpinning of privacy and data protection within Target Process models.Implemented data protection privacy processes as an SME and (effectively as Chief Privacy Officer (CPO) in absence of a CPO), including the Privacy Operating Model.Drafted policies, standards, and controls that integrate privacy with information security and data protection controls for the CTO, GC, and CISO teamsPosition: Cyber Risk Privacy Subject Matter Expert-(SME To CISO (Contract Advisory))Company: Mondelez InternationalDates: July 2020 to February 2021Location: City-Remote, State-NJCyber RiskDeveloped cyber risk governance maturity modeling (COSO) and risk quantification for the CISO and Board of Director committeesDrafted policies, standards, and controls for the security program.PrivacyControl SME -Advised and participating in the complete rebuilding of the data protection privacy program at the domain and control level.Matured an international security and privacy program for the CISO by developing innovative standards, controls, procedures, and metrics that implemented a global privacy framework tied to data security frameworks, resulting in a comprehensive program tailored to the organization.Created innovative Schrems II solutions by leveraging unique security and privacy framework GRC (Governance, Risk, and Compliance) methodologies.Advised on the launch of a consent and preference management platform and maturing the Incident Response program.Drafted policies, standards, and controls for the privacy program.Position: Chief Privacy Officer And Data Protection SME ((Interim)Contract Advisory)Company: Acoustic (Ad Tech MarTech)Dates: December 2019 to January 2020Location: City: New York City, State-NYStrategized for the post-acquisition design of a global privacy program at a start-up Adtech (purchased by a private equity firm) focusing on drafting and implementing controls aligned with ISO 27001, CCPA (California Consumer Privacy Act) and GDPR (General Data Protection Regulation) requirements.Position: Information Security Privacy SME to CISO, DPO, GCCompany: Avanade Inc.Dates: February 2018 to December 2019Location: City-Remote, State- NJKey Achievements: SME to 24 country privacy data protection program for CISO & GC-1 of 3 privacy and data protection counsel to 36,000 employeesAwards: 2019 Data Protection Officer Rockstar Award2019 CISO Incident Response Superhero AwardInformation Security, Cyber Risk & Incident ResponseAdvised CISO and GC on security frameworks, risk assurance as a SME and counsel for 24 subsidiary entitiesApproved crisis management escalation handling for CISOGuiding the CISO, GC and DPO to integrate GDPR data protection, privacy and cyber security regulatory operational and risk framework requirements into operations.Led cyber wargaming tabletop exercise planningResolved privacy and organizational cyber risk incidents internationally for incident response / breach responseProvided expert advice across all major departments international data protection events (incidents) across 24 countriesRisk Assurance and GRCExpert development of 24 country GRC information security program -1 of 3 SMEs (Small Team Greenfield Launch expertise)Expert in information security GRC and Privacy GRC (ZenGRC, Archer, Metric Stream, UCF)Policy, standard, control drafting for security programLeveraged ISO27701-2019 and Microsoft expertise to design jurisdictionally relevant governance rules including the use of Azure rightsmanagement and O365 Safety & Compliance centerDesigned privacy and information security by design control sets including within cloud environmentsPurple Team type cross functional expert between CISO, DPO, GC (Advised on penetration testing standards and red team / blue team efforts)Resolved application security control issues and cloud OWASP resolution, especially within incident response handlingCompliance Center controls to effect international data protection governance across 23 countriesBuilt WISP (written Information Security Program) and data protection plans globallyThreat modeling guidance involving the Mitre Attack frameworkProvided guidance on insider threat and detection/deterrentsRecommending technology and technology revisions based on operational, legal and contractual requirements to meet international cyber security and data privacy GRC needsImplemented technologies as SME (Data Protection, Consent, Encryption, Privacy Tracking)Privacy Operations & AdvisoryDirectly advised CISO, GC, DPO and all business units on privacy and data security frameworks Significant Operational ExpertiseExpert development of 24 country Governance Risk Compliance (GRC) privacy program -1 of 3 SMEs (Small Team Greenfield Launch expertise)Directly advised DPO, GC and CISO on operational privacy initiativesExpert in GDPR, CCPA, ISO 27701:2019, NIST 800-53, NYDFS and a variety of global privacy and data protection frameworksPrivacy and data protection expert across EU and Americas negotiating and drafting commercial contracts including terms and conditions governing consumer dataWorked daily with product and security engineering teams proactively managing privacy and data protection legal riskGuiding Data Protection and GDPR (General Data Protection Regulation) strategy implementation teamsZenGRC, Onetrust, Nymity, TrustArc, SME. Significant expertise across a variety of data protection technologies.Application of privacy-by-design principles, conducting and documenting privacy assessments, including data privacy impact assessments (DPIAs), legitimate interest assessments (LIAs), international data transfer adequacy assessments, and inbound and outbound privacy and security due diligence.Created a 24 country jurisdictionally relevant trigger set against GDPR, CCPA, NIST, ISO to effect PIA, DPIA, DPbDaccounting for local country regulation, and the latest jurisdictionally relevant regulatory guidanceDue diligence reviews of regular flow-down assessments within privacy and information security domains to hold processors and sub-processors in compliance against negotiated terms,and served as data privacy expert to ensure flow-downs are current against global regulatory requirements.Filtered the present state of data protection capabilities with the development of data protection protocols to baseline capabilities and rationalize the same against operating jurisdictions to enhance the speed of the contracting process and reduce compliance risk.Utilized security monitoring tools, data discovery tooling, data classification tooling to meet privacy regulations and cyber regulatory regulationsPreparation to present security tooling to works councilsPrivacy Data Protection & DraftingDrafted consents, privacy notices, data transfer agreements and other documents for lawful transmission of data.Drafted Legitimate Interest Tests, PIAs(Privacy Impact), DPIAs (Data Protection Impact Assessments)(including multi country implementing law compliance)Policy, standard, control drafting for privacy programAdvised on BCR (Binding Corporate Rules), SCC (Std Contractual Clauses)Modifying legal agreements (DTAs, Model Clauses, Contract Addendums, Notices, Policy)Contract drafting of data protection protocols, MSA clauses with focus on privacy and securityCreating technologies internally to effect compliance and data protection regulation globally within the organizationPosition: Chief Information Security Officer(CISO) and Director Information Security Governance (Dual Interim)Company: Santander Holdings USA & Santander Securities LLCDates: August 2017 to January 2018Location: City-Holmdel, State-NJDUAL INTERIM ROLESDesigned an information security governance, risk, and compliance program embedded into the 1st Line of Defense for six entities across the USA.Presented information security governance findings to the Board of Directors at the holding company.Operationalized data protection efforts within the 1st Line of Defense.Embedded NYDFS (New York Department of Financial Services) regulations, Privacy by Design principles, and data protection regulations such as GDPR (General Data Protection Regulation), GLBA (Gramm-Leach-Bliley Act), DPbD (Data Protection by Design), state data protection laws, breach notification requirements, data destruction regulations, financial health industry security, and privacy regulations into the 1st Line of Defense.Served as the Interim CISO for Santander Securities LLC.Position: Information Security Privacy SME to CISO, DPO, GCCompany: Avanade Inc.Dates: May 2016 to August 2017Location: City-Remote, State-NJKey Achievements:Implemented and matured incident response platform to integrate privacy and information security.Implemented and matured a GRC platformImplemented and matured a Written Information Security ProgramDesigned a privacy program based on GDPR capable of meeting international data privacy regulatory changes across 23 countries.Implemented from green fields a GDPR and International Data Protection privacy program advising across 23 countriesMatured SDLC and security assurance efforts (emphasis on pen testing standards)Led CISO audits across ISO PHONE NUMBER AVAILABLE, NIST 800-53 and various NIST control docs, Sans CSC, HIPAA security and privacy controlsServed in both a privacy counsel and senior information security officer capacity for the CISO and GC depts across 23 countriesAdvised on technology, privacy and information security aspects for contract matters including Master Services Agreements, Vendor Agreements, Professional Services Agreements, Work Orders / SOW's, Software Licensing Agreements, Non-Disclosure AgreementsReviewed and reduced cyber risk internationally across WISP (written Information Security Program) including but not limited to SOC, breach management, pen testing procedure review, Disaster Recovery, NIST/ISO framework audit and cyber risk review of broad CISO activitiesDesigned 23 country GDPR programAdvised on Penetration testing standardsAssessed privacy and information security controls, including BCR (Binding Corporate Rules), SCC (Standard Contractual Clauses), security monitoring tools, security tools legal requirements, privacy regulations, and cyber regulatory regulations, and rationalized them against works council requirements, international and domestic laws, and operational requirements.Implemented international privacy and cyber regulatory requirements for international incident and breach responseRecommended based on operational, legal and contractual requirements the technology to meet international cyber security data privacyGuided the CISO and GC suite to integrate GDPR privacy and cyber security regulatory operational and frameworks into operations.Provided expert advice across all major departments regarding cyber regulatory riskPosition: Information Security Privacy SME (Contract )Company: DTCCDates: July 2015 to December 2015Location: City-Jersey City, State-NJConsultant and counsel providing advice on information security, data privacy, and cyber risk across more than 18 foreign jurisdictions, including the European Economic Area (EEA) and the USA.Generated technical cyber risk and information security metrics, Key Performance Indicator (KPI) reports, risk data, and enterprise-wide cyber risk reduction strategies.Provided consultation and counsel on cyber IT controls and data privacy controls.Supported the development of a data privacy strategy, data transformation roadmap, and long-term strategic priorities for cyber risk reduction through information security and data privacy data transfer initiatives.Consulted on the revamp of a multi-organization, multi-country information protection and data privacy department, including areas such as vendor management, privacy policy, charter, and daily privacy counseling.Advanced global cyber security governance by conducting security risk assessments, identifying threats, establishing global reporting systems and procedures for risk, creating training and awareness plans, and integrating risk reporting matrices.Contributed to cyber investigations, forensics, risk trend analysis, vulnerability exercises, and addressing security operations center (SOC) issues that filtered into the General Counsel's office.Addressed security awareness, encryption concerns, network security, vendor protection, data protection, and privacy matters.Engaged in significant international cyber security and data privacy work for numerous business units, from framework development to risk assessment, and provided board-level recommendations.MEMBERSHIPS / ASSOCIATIONS: ISC, IAPP, RUTGERS MBA, STETSONCandidate's Name ,JD, MBA, BS, CISSP,FIP, CIPM, CIPPEMAIL AVAILABLE M: PHONE NUMBER AVAILABLECISSP -2015 CERTIFIED INFORMATION SECURITY SYSTEM PROFESSIONALFIP -2017 FELLOW OF INFORMATION PRIVACYCIPM -2014 CERTIFIED INFORMATION PRIVACY MANAGERCIPP 2014 CERTIFIED INFORMATION PRIVACY PROFESSIONALJD 1999 - STETSON LAW ALUMNIMBA 1994 - RUTGERS GRADUATE SCHOOL OF MANAGEMENT ALUMNIBS- 1992 RUTGERShttps://LINKEDIN LINK AVAILABLE https://www.Candidate's Name .Wordpress.comTraining Outside of work2014-20241CIPM Certified thru IAPP20142CIPP Certified thru IAPP20143Certified Information System Security Professional15-Jul-154Internet of things Data Privacy Considerations5Everything you need to know about HIPAA10/1/20146Online Practice Management Online Marketing Bootcamp6/3/20157Extensive online privacy and related information security training as found at my portfolio site at:5/1/20158MCBA: Online Marketing Boot Camp6/3/20159MCBA: Special Education Rights6/16/201510The Internet of Things: Data Privacy Considerations6/30/201511A Practical Guide to Meeting Cyber Security Requirements7/1/201512Security Lessons Learned from Target, Niemen Marcus, Sony and Other Breaches (Ultimate Windows Security.com and LogRhythm 7-28-2015 105 min Seminar)7/28/201513Cutting Edge Etch for Sole Practitioners2/6/201614Top Security Trends for 2014-20159/21/201515Lessons Learned from 2015 Verizon Data Breach9/24/201516US-EU Safe Harbor What Now10/9/201517Cyber Security Future Threats To Financial Industry10/15/201518Top 5 Things The CISO needs to know about data privacy10/15/201519Cyber Threats - Focusing on Home User Security10/21/201520Managing Innovation Risk10/28/201521Aligning your hr practices w evolving privacy rules in Latin America10/29/201522Vendor Risk Data Breach and its business11/4/201523Penetration testing - Keeping It Real12/1/201524Phish Me12/2/201525Beyond Buzzwords - defense in depth12/2/201526Nymity: Demonstrating compliance12/16/201527Safe Harbor Data Transfer12/19/201528Kapersky GoToWebinar - Cybersecurity Forecast: Whats on the Horizon?1/28/201629NJAJ New Brunswick Cutting Edge Technology for sole practitioners2/6/201630Cyber Security For Financial Services Industry3/2/201631Dude Where's My data - Inside the internal security Data exfiltration study3/17/201632ACC: Negotiating the Cloud: An Overview of Key Issues in the Cloud3/24/201633The only constant is change - GDPR and Data Privacy4/14/201634Flipping the Economics of Cyber Attacks4/19/201635Global Mobility Issues and Challenges for Employers4/20/201636Cloud Security Threats and resolutions: A Meeting of The Minds4/27/201637ACC Webcast CLE/CPD Fees: Relationship Between Cyber Breaches and IG4/28/201638Pre and post-trial motions5/9/201639GoToWebinar - Don't be Afraid of the Dark III: Solving Data Security with File Analysis -ZL Technologies' Dark Data Webinar series will focus on the security portion of file analysis5/9/201640GDPR Comprehensive: New York5/17/201641Studying For Certified Ethical Hacker4/12/201642Metric Stream 63 minutes -Role of Audit in CISO dept6/10/201643Privacy Shield Is Here - What You Need TO Know7/21/201644New Technology that revolutionizes vendor risk management7/21/201645Avanade - Information Security Brown Bag7/26/201646Tenable - 13 essential steps to address the security req of the new general data protection regulation7/27/201647Sans Data Breach Summit: assessment, Compliance & Communication8/18/201648Device Fingerprinting9/9/201649PLI: Privacy Shield Boot Camp 20169/12/201650Cybersecurity 2016: Managing Cybersecurity Incidents9/20/201651Changing The role of the cpo in todays privacy eco system9/22/201652Tracking Targeting Customers Online, on mobile and social media10/20/201653Encryption: A Gathering Global Storm11/1/201654cybersecurity regulation in US governing frameworks11/10/201655EU Privacy Dawn Raids11/29/201656Splunk ransomware endpoint12/13/201657Client data protection community of practice12/14/201658FARS DFARS req for fed govt contractors - coal fire12/5/201659Splunk Ransomware12/19/201760Ethics of electronic info 201612/30/201661Privacy Data Security Litigation-PLI12/31/201662California Privacy Law12/31/201663Evolving legal ethics12/31/201664Cyber Security Best practices for legal serv providers1/18/201765Adv Data Privacy, Cyber Security Breach and TCPA class action litigation1/20/201766Best Practices to create data inventory to meet GDPR compliance1/24/201767Best Practices for GDPR compliant privacy notices1/30/201768NY Cyber security reg1/31/201769Data Visualization2/8/201770High Performing Compliance & Ethics Programs2/21/201771Govt Investigations 2017 - inv arising from data breach2/24/201772The New Cybersecurity Landscape - What the NYDFS Regs really mean for your business3/9/201773Successful Audits3/6/201774China's Cyber Security Law3/7/201775Privacy Issues on Mobile3/14/201776Operationalizing legitimate interests3/16/201777Data Mapping3/23/201778Data Protection Masterclass: Cyber security trends to watch3/29/201779Iso compliant risk - mind manager4/5/201780Managing Privacy & Data Security Risks in M&A4/5/201781Managing Privacy Risk4/20/201782Cracking Chinas cyber security law - how an audit can help your business prepare for compliance4/27/201783Financial Services Tech 2017 Avoidance of Risk5/5/201784Integrated business continuity management, pathway to resilience5/10/201785Ransomware5/18/201786Cloud Computing 2017 - key issues and practical guidance5/22/201787Traditional PIA to DPIA5/23/201788Using safety act to demonstrate reasonable cybersecurity plans5/24/201789Resilient on GDPR5/24/201790Microsoft on Data Protection tools to implement5/24/201791UCF Mapping5/25/201792Consent events5/25/20179318th annual institute on privacy and data security law5-30-5-31-201794GDPR Is Less Than A Year Away: Are You On Track6/6/201795SANS - Practical threat Modeling for Financial Orgs6/6/201796Consent Issues6/20/201797Is a personal data inventory required6/22/201798Is a PI Necessary6/29/201799The human Side of GDPR7/11/20171003 steps to stop data protection sprawl11/7/2017101The Future is Here, |
