From Silos to Synergy: The Power of CISO-Privacy Officer Collaboration
Brandon Pinzon, Jimma Elliott-Stevens
March 2025

Welcome and Introductions
Jimma Elliott-Stevens, President, CompliantIQ
Brandon Pinzon, CISO, Advisor, SPKTR Ventures
LinkedIn, Website

Agenda
- Collaboration is Key - We'll tell you why
- Turning Challenges into Opportunities
- Budget and Resources
- Success Stories of CPO-CISO Experience Sharing
- Resources and Tools to Collaborate

Quick Show of Hands
[Figure: three org charts, numbered 1 to 3, each showing CEO, COO, IT, Cybersecurity, Legal and Privacy]
[Figure: board structure showing Board of Directors, Regional Board of Directors, and boards for International, US, Region 1, Region 2 and Region 3]

Privacy-Security Governance
Information Security Organization
Security Strategy & Planning
Security Arch & Engineering
Security Operations
Governance, Risk and Compliance
Data Protection
Chief Information Security Officer (CISO) - Chief Privacy Officer (CPO)
Physical Security
Privacy Management Organization
Actuary
Third Party Risk
Data Protection
Individual Rights Management
Legal Basis & Notice
Incident Response
Information Security Partners
Legal
Internal Audit
Enterprise Risk
IT
HR
Comms
Facilities

Opportunities
The most impactful Combination incorporates the security of systems, data, Personal Information, and Records Retention
- Risk Management
- Governance
- Business Enablement
- Project Delivery
- Compliance & Audits
- Budget
- Incident Response
- Legal & HR
- Identity Management
- Security Operations
- Incident Management

Challenges Turned Into Combined Wins
The most impactful Combination incorporates the security of systems, data, Personal Information, and Records Retention
- Legal Basis and Notice
- Individual Rights Management
- Third-party Risk Management
- Regulatory Mapping
- Incident Response
- Privacy Program Foundations
- Data Protection

- Encryption: Ability to encrypt sensitive data based on data classification and provide role-based access
- De-Identification: Ability to de-identify personal data using tokenization and/or pseudonymization techniques
- Suppress Processing: Ability to locate and control specific data subjects' data to delete or restrict it from further processing
- Data Flow Mapping: Ability to create and maintain visualized data flow maps as records of processing activities
- Classification & Access: Ability to classify and provide role-based access to personal data, and log data use activities for audit purpose
- Data Loss Prevention: Ability to detect, block, quarantine malicious data transfer based on defined criteria
- Data Inventory: Ability to discover assets storing personal data to build and maintain an inventory of personal data
- Archive: Ability to automatically archive and retain data based on data types and data creation date

1. Cross Training
2. Principles Based Approach
3. Re-Skill Technical Staff
4. Use a Trusted Partner to Build Roadmap
5. Revisit how you intake work, align to products that generate revenue

Tools, Resources, Research Information
thesedonaconference.org
PrivacyRights.org tag- Privacy/Protection
https://iapp.org/news

Be the Good Partner.

Questions?

Links and Citations

How Did Things Go? (We Really Want To Know)
Did you enjoy this session? Is there any way we could make it better? Let us know by filling out a speaker evaluation.
1. Open the Cvent Events app.
2. Enter IAPP DPI25 (case and space sensitive) in search bar.
3. Tap Schedule on the bottom navigation bar.
4. Find this session. Click Rate this Session within the description.
5. Once you've answered all three questions, tap Done.
Thank you!