It's all about the data

9th Annual e-Crime & Cybersecurity Benelux
December 3rd, 2019, Amsterdam

Putting a price on cybersecurity
GDPR fines hit both privacy and security breaches: time for a rethink?


The latest GDPR fines change the cybersecurity calculus.

The regulators at least have determined that the authorised misuse of data is worthy of a fine in the tens of millions of euros, and that the inadvertent loss of data can cost those who lost it seven figure sums.

These fines, finally, give the business world what it needed: a way to calculate the materiality of data protection and data privacy, and to suggest the levels of budgeting appropriate to the newly measurable risk.

But where should any new funds be allocated?

GDPR is notionally focused on data privacy, and security professionals have long distinguished between data protection (securing data against unauthorised access) and data privacy (managing authorised access - who has it and who defines it).

This has led to the assertion that data protection is essentially a technical issue, whereas data privacy is a legal one.

The GDPR fines render this distinction philosophical: data privacy is compromised both by technical failures in data protection, and by failures in data management ethics or processes. Regulators are therefore penalising both.

Underlying these fines is the simplifying idea that businesses should pay material amounts of money for putting clients (especially retail) at risk of inconvenience and loss. As AI, autonomous vehicles and other IoT developments gather pace, the potential for data loss to cause harm will only increase.

To avoid these types of fines, businesses must rethink the silos that have separated fraud, privacy and security, and think instead of a holistic architecture that delivers watertight data governance more broadly.

So in this new era, who is responsible for what? And what do information security professionals need to do about it? The 9th e-Crime & Cybersecurity Benelux will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data.

  • Securing digital transformation

    So far the perceived benefits of insecure applications seem to outweigh the risks. But with digital transformation, the effects of insecurity become more profound and potentially dangerous.

    • DevOps + infosec - how can they work together?
    • How can you ensure the security and resilience of applications and data in the Cloud?
    • Who is accountable for the Cloud?
    • What are the security implications of digital transformation, AI and the Internet of Things?
  • Breaking down the barriers

    Cross-function communication is key to robust security, but even in areas where the connection is obvious, it's remarkable how siloed cybersecurity can be from the rest of the business.

    • How can you make sure security is built into all business processes?
    • The value of fraud flagging in detecting data loss and data privacy issues, and the value of data protection for fraud prevention
    • What does a joined-up operation (such as between fraud and security teams) look like?
  • Managing the privileged few

    • Data privacy and security both rely on proper management of user privileges and privileged accounts
    • How do the different requirements of privacy, security and the business interact?
    • Managing privacy is more complex than putting tech in place against hackers: what are the solutions and strategies that can help?
  • Getting the basics right

    The fines make it official: the core technical issues cybersecurity professionals have known about for years must now be fixed.

    • What are the critical problems and what should be prioritised?
    • Most data breaches are the result of known vulnerabilities - how can you take the pain out of patching?
    • How do you implement good security hygiene?
  • A different approach to the issue of us

    A system designed to pick up unusual employee activity patterns identifies a potential insider threat. Further investigation reveals a threat of a different kind - the employee is considering suicide.

    • Is the best way to solve core cyber problems to pay more attention to the things we do when we are simply getting on with the job?
    • What are the synergies between cybersecurity, user analytics, employee wellbeing and customer experience?
    • For most people, data protection/privacy will not be front of mind 24/7. Slipups will happen. How do you mitigate the risk this poses?
  • Slow train coming: the wait for intelligent cybersecurity

    • Automation is linear and rules-based, and automated cybersecurity solutions work that way: using signatures and/or historical data to identify issues
    • Current machine learning solutions are not much more advanced than this methodology, and statistical analysis still generates too many alerts for most human teams
    • Are we any closer to the availability of truly 'intelligent' solutions capable of living up to their promise?

Who attends

Job titles

CISO
Global Director Security Services
CIO
Global Security & Business Continuity
Compliance Manager
Security Director, I.T. Infrastructure
Global Information Security Officer
Partner
Security and Fraud Analyst
Information Security Manager
Senior Analyst, Global Information Security
Information Security Manager
Chief Information Security Officer
Fraud Manager
ICT Information & Security Manager
Information Security Adviser
Enterprise Security Architect
Senior Analyst Fraud Investigations
Security & Fraud Analyst
IS&D Security Manager
Information Security Assistant
IT Compliance Officer
Head of Information Security
Manager Professional Insurance
Principal Consultant Cybercrime
I.T. Security Manager
Network Engineer
Risk Manager
Associate Security Expert
Cyber Security Manager
Project Manager
Security Manager
Information Security Consultant
Network & Security Manager
ICT Security Officer
Director Global IT Risk & Compliance
Regional I.T. Security Officer
IT Security & Governance Architect
Senior Network Security Engineer
CISO
IT Security & Risk Manager
CSIRT Director
ICT Security Officer
Security-BCM Officer
Network Security Specialist
Information Security Manager
CSO
Security Manager & Architect
Corporate Information Security Officer
Senior Advisor Security & Cybercrime
Security Analyst
Deputy CIO / CISO
PCI Officer
EMEA Team Lead
Adviseur Phishing & Security
IT Auditor
Fraud Analyst
Senior Fraud and Dispute Officer
Head of Information Risk Management
National Cybercrime Program
Forensic IT Expert
Senior Security Manager
Information Security Continuity Manager
Assistant EMP
Senior Information Security Officer
European Management Planning Officer
CISO
ATM-Cyber security expert
Security Incident Manager
Security Manager
Global Product and Process Specialist
ICT Architect
Director, Global Security Office
Head of Internal Audit IT & Projects
Digital Crime Investigator
IT Audit Manager
Corporate Information Security Officer
Information Security Manager
Corporate Information Security Officer
Information Security Manager
Cyber Security Manager
Security Manager
Risk Manager
Security Manager
Security Manager
Programme Manager
IT Security & Compliance Officer
European Information Security Officer
ICT Security Officer
Director - eCommerce
Head of IT and Information Security
Security Officer
Compliance Officer
Security, Risk & Compliance Manager
IT Risk Manager
Senior Auditor I.T. & Projects
Risk Manager - Internal Audit
Head of Operational Risk
Product Security Officer
COO Data Protection Programme
Information Risk Manager Retail
Senior Manager IT Security & Fraud
Chief Information Security Officer
Head of Information Security
Senior Manager EMP
Security Expert
Head IT
Senior Auditor
Chief Information Security Officer
Senior Technology Security Manager
IT Infrastructure& Support Manager
Head of I.T.
Senior Security Advisor
Senior Security Officer
Information Security Manager
CISO
Global Product & Process Specialist
Senior Information Security Officer
Head of I.T. Audit
Head of Technology
SAP Architect
Senior Risk Analyst
Digital Loss Prevention Manager
Head, Office of Confidentiality & Security
Security Officer
Head of Information Risk Management
Security Consultant
Security Manager
Security Consultant
Information Security Audit Manager
Head of Audit
ICT Architect Infrastructure
Security Officer
Information Security Manager
Group Manager Organizer IS
Senior Officer Corporate Compliance
Program Manager Information Security
Senior Network Engineer
Manager Network Operations EU
Manager Security
Security & Intelligence Management
Global Network & security Architect
Information Security Intern
Senior Security Manager
Information Security Manager
Programme Manager
Information Security Manager
Security Officer
Information Risk Management Officer
Information Risk Manager
CyberSecurity Specialist
Information Security Manager
Project Manager
Information Security Management
Global Process and Product Manager
IT Risk and Audit Manager
Senior Product Manager
Business Analyst
Network Support Engineer
Advisor
CISO
Information Security Project Manager
Information risk manager
Security Consultant
Fraud and Dispute Manager
Manager Security & Intelligence
ICT Security Officer

Companies

ING
KPN
APM Terminals
TMF Group
Garanti Bank International
Philips
APM Terminals
bureau Brandeis
Booking .com
Canon Europe
MasterCard
Fujitsu
KPN
Nike
Attentia
ING
Equens
Rabobank
Booking .com
Rabobank
International Criminal Court
Philips
Garanti Bank International
Hiscox
ING
Amsterdam Trade Bank
Swift
VvAA Groep
Telenet Group
Telenet Group
Oost N.V.
Van Lanschot Bankiers
Betaalvereniging
Intrum Justitia
Crédit Agricole SA
Merck & Co
Metro Group
Credit Europe Bank
LyondellBasell
Intrum Justitia
Epay Solutions
Belgacom
International Criminal Court
Delta Lloyd Group
Optiver
Achmea
Crosskey Banking Solutions
TomTom
Lumesse
Rabobank
Umicore
Intrum Justitia
Air France-KLM
Canon Europe
ING
Garanti Bank International
Nike
Catella Bank
ASR Verzekeringen
Nationale Politie (Netherlands)
ING
Aegon Group
Robeco
Kyocera Document Solutions
Anadolubank Nederland NV
Kyocera Document Solutions
Royal Haskoning DHV
Eurocontrol
NN Group
ING
Nordea Bank
Air France-KLM
Sapient
TNT
Nationale Politie (Netherlands)
Delta Lloyd Group
Sanoma
Alliander
Nederlandse Spoorwegen
Fujitsu
Betaalvereniging
Staples
Luxair
Isabel
Crelan
International Card Services
Mediq
Kyocera Document Solutions
Kas Bank
DHL
European Central Counterparty
BNG Bank
Ministerie van Defensie
Philips
ASR Verzekeringen
TNT
V&D
S-Bank
Booking .com
UBS
Shell
Booking .com
GE Capital
Air France-KLM
Kyocera Document Solutions
Vodafone
Travelex Holdings
NN Group
2College
AT&T
Credit Europe Bank
Catella Bank
OPCW
KPN
Telenet Group
OPCW
Nordea Bank
Garanti Bank International
Credit Europe Bank
SPOSEA
Staples
Future Group
Nike
OPCW
Rabobank
ING
Shell
Valitor
Shell
Piraeus Bank Group
Anadolubank Nederland NV
Detailresult
VvAA Groep
Achmea
Air France-KLM
Kyocera Document Solutions
Rabobank
Swift
Swift
Coolblue
ABN AMRO
Nucletron (Elekta)
Nucletron (Elekta)
Lichtvis
Ahold
Openbaar Ministerie
Achmea
MP Objects
ING
ODW Logistics
Engineers Without Borders
Ministry of Foreign Affairs
BNP Paribas
ASR Verzekeringen
Nordea Bank
Randstad Holding nv
Nordea Bank
ABN AMRO
Swift
Sonoran
Ministry of Defense Netherlands
TNO
ING
FrieslandCampina
Catella Bank
ABN AMRO
International Card Services

Industries

Banking
Telecommunications
Transportation/Shipping
Accounting/Auditing
Banking
Electronic/Electrical Equipment
Transportation/Shipping
Legal
Retail
Electronic/Electrical Equipment
Banking
Consultancy
Telecommunications
Retail
Consultancy
Banking
Banking
Banking
Retail
Banking
Legal
Electronic/Electrical Equipment
Banking
Insurance
Banking
Banking
Banking
Insurance
Telecommunications
Telecommunications
Banking
Banking
Banking
Banking
Banking
Pharmaceuticals
Retail
Banking
Commercial Chemicals
Banking
Banking
Telecommunications
Legal
Insurance
Banking
Insurance
Banking
Electronic/Electrical Equipment
Consultancy
Banking
Manufacturer
Banking
Transportation/Shipping
Electronic/Electrical Equipment
Banking
Banking
Retail
Banking
Insurance
National Law Enforcement
Banking
Insurance
Banking
Electronic/Electrical Equipment
Banking
Electronic/Electrical Equipment
Industrial Engineering
Association
Banking
Banking
Banking
Transportation/Shipping
Software
Transportation/Shipping
National Law Enforcement
Insurance
Media
Electricity
Transportation/Shipping
Consultancy
Banking
Retail
Travel/Leisure/Hospitality
Software
Banking
Banking
Pharmaceuticals
Electronic/Electrical Equipment
Banking
Transportation/Shipping
Banking
Banking
Central Government
Electronic/Electrical Equipment
Insurance
Transportation/Shipping
Retail
Banking
Retail
Banking
Oil/Gas
Retail
Industrial Engineering
Transportation/Shipping
Electronic/Electrical Equipment
Telecommunications
Banking
Banking
Education
Telecommunications
Banking
Banking
Association
Telecommunications
Telecommunications
Association
Banking
Banking
Banking
Software
Retail
Retail
Retail
Association
Banking
Banking
Oil/Gas
Software
Oil/Gas
Banking
Banking
Retail
Insurance
Insurance
Transportation/Shipping
Electronic/Electrical Equipment
Banking
Banking
Banking
Retail
Banking
Healthcare Services
Healthcare Services
Other Industry
Retail
Central Government
Insurance
Consultancy
Banking
Transportation/Shipping
Charity
Central Government
Banking
Insurance
Banking
Consultancy
Banking
Banking
Banking
Other Industry
Aerospace/Defence
Media
Banking
Food/Beverage/Tobacco
Banking
Banking
Banking


Venue

Novotel Amsterdam City

novotel

Location:
Novotel Amsterdam City
Europaboulevard 10, 1083 AD Amsterdam, The Netherlands
Telephone: +31 20 541 11 23

Directions:
Please click here