How Do US and EU Cybersecurity and Data Protection Policy Developments Impact Your Organization?

World®’16

HowDoUSandEUCybersecurityandDataProtectionPolicyDevelopmentsImpactYourOrganization?AndreaGlorioso - Counsellor(DigitalEconomy/Cyber)- DelegationoftheEUtotheUSAAdamSedgewick- SeniorInformationTechnologyPolicyAdvisor- NISTModerator:BrendanPeter- VP,GlobalGov’tRelations- CATechnologies

SCT94P

SECURITY

2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.

Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.

ForInformationalPurposesOnlyTermsofthisPresentation


Abstract

Inthissession,seniorpolicyofficialsfromtheU.S.NationalInstituteofStandardsandTechnology(NIST)andtheEuropeanUnion(EU)willdiscussrecentcybersecurityanddataprotectionpolicydevelopments,includingtheNISTCybersecurityFrameworkandthepresident’sCommissiononEnhancingCybersecurityintheU.S.,andtheNetworkandInformationSecurityDirective(NISDirective),theGeneralDataProtectionRegulation(GDPR),andtherevisedPaymentServicesDirective(PSD2)intheEU.Learnabouthowthesepoliciesarebeingadoptedandimplemented,andwhattheymeanforyourorganization.

AndreaGlorioso

AdamSedgewick

BrendanPeter


PanelSession

AdamSedgewick

NISTSeniorInformationTechnologyPolicyAdvisor

AndreaGlorioso

DelegationoftheEUtotheUSACounsellor(DigitalEconomy/Cyber)

Moderator:BrendanPeter

CATechnologiesVP,GlobalGov’tRelations


EUandUSCybersecurityandDataProtectionPolicy

§ OverviewofcybersecurityanddataprotectionpoliciesintheEUandUS

§ ImplementationactivitiesinboththeEUandUS

§ Globalalignmentofcybersecurityanddataprotectionpolicies

§ Sectorspecificguidanceforpolicycompliance/alignment

§ RecommendationsforglobalCIOs/CISOs

§ Futurecybersecurityanddataprotectionpolicyactivity

Agenda/TopicsforSession


WhatTypesofCyberandPrivacyIssuesareinPlay?

Tort,contract,andspecificproductliabilities—reasonablecareandsupplierresponsibility

Technologycontrols,nationalsecurityreviewsandgovernment

certifications

Consumerprotection,speechandcontentissues,andcriminal

enforcement(AML/KYC)

Incidentnotificationlaws:databreach,securityincident,material

riskdisclosures

Datalocalizationanddomestictechnologymandates

Securityforcriticalinfrastructureandsystems/assetsatgreatestrisk

Governmentsgloballyseekingtostrike

appropriatebalancebetweenincentives

andmandates


WhatSpecificallyisHappening?

• NISDirective• GDPR

UKCyberEssentialsScheme

• PrivacyShield/Schrems

• PSD2• GermanITSecurity

Act• FrenchCyber

Legislation• ItalianNational

CyberFramework

• Cyber-threatInformationSharingAct(CISA)

• NISTCyberFramework

• ElectronicCommunicationsPrivacyAct(ECPA)

• FEDRAMP—GovernmentCloudCertifications

• CanadaElectronicCommerceandPrivacyProtectionActs

• BrazilInternetFramework(MarcoCivil)

• BrazilSpecialCommitteeonDataProtection

• ArgentinaDataProtectionLawUpdate

• PanamaDataProtection

• MexicohostingGlobalConferenceonCyberspacein2017

• ChinaNationalSecurityLaw

• ChinaAntiterrorismLawandCyberLaw

• Japan/KoreaActsonProtectionofPersonalInformation

• India’sITAct• Singapore

AmendmentstoComputerMisuseandCyberAct

• AustraliaNationalCyberStrategy

EMEA NORTHAMERICA LATAM APJ


Questions?


Stayconnectedatcommunities.ca.com

Thankyou.


Security

FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw

How Do US and EU Cybersecurity and Data Protection Policy Developments Impact Your Organization?

Technology

Transcript of How Do US and EU Cybersecurity and Data Protection Policy Developments Impact Your Organization?