Security Breach Reporting ISSA - this Friday All welcome..

rtfm

Next Event
Our next meeting will be held on Friday Feburary 22nd and all are welcome to attend:

Security Breach Reporting and Impact
February 22nd, Ballsbridge Court (formerly the Berkeley Court), 12 PM

Six years ago this month California Senate Bill 1386 was introduced, requiring businesses to inform California residents of security breaches involving their personal information. SB1386 became a model for mandatory reporting legislation across the US and today over three quarters of states have enacted breach reporting legislation. In Europe there have been calls for similar legislation and many organisations have chosen to disclose breaches involving customer or employee data, while other breaches have come to light due to reporting requirements in other jurisdictions. On Friday February 22nd ISSA will host a lunchtime seminar on this topic, looking at the impact of mandatory breach reporting in the United States, both positive and negative, and considering the potential for mandatory reporting in Europe.

Our first featured speaker will be Phil Dunkelberger, CEO of PGP Corporation and long-time supporter of ISSA. Phil is a well-known Silicon Valley entrepreneur and headed the original “PGP Inc” start-up formed in 1996 to commercialise PGP encryption. Following the purchase and subsequent abandonment of the PGP technology by Network Associates, Phil led a buy-out in 2002 and formed PGP Corporation which has since launched a highly-successful suite of encryption products and grown to over 300 employees.

On February 22nd Phil will present the results of a PGP survey on the cost of security breaches in the UK. The research, conducted with the Ponemon Institute, examined the financial impact of breaches involving customer records, ranging in scale from 2,500 to over 125,000 customer records. This report is certain to spur further debate regarding data loss incidents and this event will provide a first look at this valuable data.

Our second guest speaker will be Achim Klabunde of the European Commission. Achim heads the team responsible for privacy and trust within the EC Directorate General for Information Society and Media, where his recent work includes the privacy and security aspects of the EU regulatory framework for electronic communications. Before joining the European Commission Achim worked with leading European technology firms in IT and information security roles.

At this meeting Achim will outline recent discussions on mandatory breach reporting at an EU level, including the specific proposals for breach disclosure in the telecoms and ISP sectors. We will also ask Phil Dunkelberger to address the same topics from his perspective as a Director of the Cyber Security Industry Alliance (CSIA), a lobbying group that aims to shape US and EU public policy around information security.

Following presentations from Phil and Achim we will have an open discussion on the potential benefits and negative consequences of breach disclosure, an idea which we know has many strong proponents and opponents among our members.

Note: This event will be held in the Grosvenor Suite of the Ballsbridge Court Hotel (formerly the Berkeley Court) and will begin at 12 noon, with lunch provided. To register please email info@issaireland.org.