|Target Audience||Information Security Professionals
CIOs, CISOs, IT Managers, Security Officers, Security Architects and Engineers – all from the end-customer side and interested in IT security
From consultancies and resellers/integrators, only technical people are allowed to take part. Vendors and people with a sales/marketing role are not authorized as participants.
|CPE Credits||Earn 4.25 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.|
|Location||Microsoft, Richtistrasse 3, Wallisellen|
|Date of Event||30th of January 2019|
|Schedule||see agenda below|
|Participation Costs||Fr. 55.— per participant
Organization, presentations, beverages and aperitif included
|1:30 – 2:00||Registration & Coffee|
|2:00 – 2:00||Welcome & Introduction by the Moderator|
|2:00 – 2:30||András Khan, CIPP/E, CIPM, Data Privacy, Data Protection, and Security lead for ABB, Nestlé, Novartis and Roche at Microsoft & Sundar Sethupathi, GF-IS Risk & Security, GDPR Program at ABB
How have various major countries reacted to the GDPR – global policy trends and discussion.
|2:30 – 3:00||Friedrich Bohl, Group Data Privacy and Compliance Officer at AMEOS Group
Frank Wimmer, Group Data Privacy Officer at Alpiq Group
Frank recently took over the role of Group Data Privacy Officer (DPO) for Alpiq as successor to Friedrich Bohl. Frank also acts as Business Architect and Internal Control Officer. He leads the Centre of Excellence (Process & ICS Office) and the DPO Office to ensure group-wide data privacy (EU-GDPR), business process management for continuous process improvements and services, and the internal control system.
An energy company under GDPR power
The experience report gives an insight into how this challenge was successfully managed within the short time available, thanks to a well-structured project and good support from top management. In addition: experiences under the GDPR regime after May 2018, with a brief outlook on what comes next.
|3:00 – 3:30||Ivan Allemann, Member of the Corporate Affairs Team at Sunrise Communications AG
Trained as a lawyer and attorney-at-law, working as a legal consultant mainly in the financial sector.
Data Protection Officer of the “first generation” of the DSG with the largest health insurer in Switzerland in the late 90s; after almost 20 years as Information Security Consultant, I am now responsible for legal matters in the field of data protection, information security and telecommunications surveillance.
The new EU Data Protection Regulations from a Swiss telecommunication company point of view
Based on these findings and the discussion of the topic, I would like to briefly outline our implementation approach. Every project of this kind raises questions about the guidelines / framework to be followed and what to use as a benchmark. It is a proven procedure to give oneself a roadmap and to get into the topic with important quick wins! I have also deliberately dealt with the question of who should be involved and what I can tackle myself.
In my opinion, data protection also belongs in the broad field of “Compliance”, which is why the risk approach must always be taken into account; not least because there are various areas in the companies that do not always have the same ideas or are more or less affected by such an implementation. Once the topic is understood in the company, the discussions and the preferences regarding various aspects begin. It is therefore advisable to plan farsightedly and to take placeholders into account so as not to be late with the implementation.
After more than 200 days since the entry into force of the new EU data protection regulations and still before the implementation of this idea within Swiss law, various questions arise. However, there are also initial findings that are of help!
|3:30 – 4:00||Coffee Break
|4:00 – 4:30||Stefan Keller, Co-Chair of the IAPP KnowledgeNet Switzerland
GDPR – today and beyond
A personal summary of the past year and impressions from the various information feeds as co-chair of the IAPP KnowledgeNet Switzerland. From privacy-by-design to ethics-by-design. Enforcement trends and important developments to watch.
|4:30 – 5:00||Vincent Rijken, Information Security Specialist/Data Protection Manager at Nestlé
Vincent has been working for Nestlé since 2001 and coordinates Data Privacy and ISO 27001 activities in the IS/IT department. He has led the GDPR program for all IS/IT units in the organization, in collaboration with the Data Protection Office and compliance managers in the regions and markets worldwide. He is also a CISM and coaches multiple units to maintain and further evolve their ISO 27001 certification.
How to ensure GDPR compliance in the IT organisation, using the ISO 27000 framework
This session shows how Nestlé is using the ISO 27001 framework, with the risk-based approach and the Annex A controls, to be in control.
|5:00 – 6:00||Panel Discussion
|6:00 – open end||Apéro Riche & Networking
The speakers will be onsite for Q&A
The sponsor of this event is:
This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
By registering for this event, you accept that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.