P r i vac y
Next-Generation Data Privacy and Security
Norton Rose Fullbright Australia l University of Newcastle l Department of Finance & Services l Affirm Risk Pty Ltd l UNSW l AISA National Advocacy Group l QBE Insurance Australia,
One-day connected forum and two post-forum workshops 23-24 September 2013 Sebel Surry Hills, Sydney Australia
$995 plus gst to attend the forum
Best Practice in Policy Settings Cloud, Big Data & Open Data Security in Spatial Data Security / Privacy of Customers while Mining Beyond IT System Security The Human Factor Build Effective Identities and Access Control
Implementing Privacy by Design Strategies
Wednesday, 24th September 2013
Post forum workshops:
Workshop A: Best practice data governance and privacy: Ensuring data governance for effective data privacy and security measures Facilitated by: Alan Duncan, Director of Data Governance, University of New South wales Workshop B: Guide Your Organisation to take ‘Reasonable Steps to Protect Personal Information’ through a Practical Privacy Maturity Model Facilitated by: Joel Camissar, Practice Head, Data Protection & Privacy, McAfee & Kenneth Pang, Manager, Consulting Team, Content Security
w w w. a r k g ro u p a u s t r a l i a . c o m . a u
Next-Generation Data Privacy and Security
P r i vac y
D e s i g n
The advancement of big data, social media and new technologies create immense opportunities for businesses to innovate and develop business advantages. However, grappling with such huge volumes of data puts enormous pressure on organisatons to manage content sensitively and protect data. Due to the nature of the information being generated and divulged, there is a superior need for data security and privacy from all stakeholders. With the push from national government towards increased information security compliance and the new privacy amendment coming into force in March 2014, businesses need to understand what the implications are, and successfully achieve due compliance in a cost-effective way. This one day interactive forum provides an in-depth look at building and adapting your existing data foundations and ensuring privacy and security of your data warehouse.
COLLABORATIVE FORUM l Monday, 23 September 2013
8:30 Registration and refreshments 9:00 Chairperson’s opening remarks Puneet Kukreja, Principal Consultant, Affirm Risk Pty Ltd.; Board Member, AISA National Advocacy Group The privacy amendment – enhanced privacy protection óó What is the amendment and what does it mean for your organisation? óó What are the implications for Australian businesses in general? óó How does the amendment affect your current data protection practices? Nick Abrahams, Partner & Asia Pacific Technology Practice Leader, Norton Rose Fullbright Australia 3:00 3:15 Afternoon refreshments and networking Policy settings for security and privacy óó Digital Information Security Policy: Government perspective óó Protecting privacy and security in the context of cloud, big data, open data óó Best practice in achieving optimal legal and policy settings óó Case studies and examples from the NSW experience Ivor King, Senior Policy Officer, Strategic Policy, Department of Finance & Services Maintaining information privacy and security in big data, cloud and social networks: Interactive session óó The security challenges with new technologies 11:00 Taking the “IT” out of Security…why removing technology as the main focus to a security program is the next step! óó Taking the “IT” out of Security – what does that mean óó Why we targeted “Secure the Human” as the most important security initiatives of the next 2 years óó Maintaining a dynamic solution óó What our utopia would look like…security agnostic to technology Angela Coble, Global Manager, Enterprise Security & Risk Management, Johnson & Johnson óó Ensuring governance to protect unstructured data óó Analysing how big data can be protected within the organisation óó Leveraging the value of Big data sets while maintaining privacy rights óó Protecting data sets and ensuring the customer’s privacy: Ensuring user privacy and building anonymity Puneet Kukreja, Principal Consultant, Affirm Risk Pty Ltd.; Board Member, AISA National Advocacy Group 2:15 Spatial Data security and Privacy: Local government sector case study óó Privacy issues in public display óó Data distribution and data licensing óó Creating effective metadata tags óó Online mapping and the risks Jonathan Roach, Spatial Information Systems and Public Sector Professional
10:00 Preserving privacy while mining data óó Using data sets for data mining or selling data for mining óó Protecting your data so that confidential individual information is not disclosed óó Ensuring that the privacy of your clients is not at risk Ljiljana Brankovic, Associate Professor, University of Newcastle 4:00 10:45 Morning refreshments and networking
4.45 Closing remarks by chair 5.00 End of forum
11:45 The secure foundation for data use: identities and access control óó The paradox of modern information usage: universal access with absolute confidentiality óó Why data owners struggle to understand the risks óó Protecting the person versus protecting the identity óó Monitoring of access: if you don't do it, someone else will
Combining EA and SOA with BPM strategies
John Greaves, Information Risk and Security Manager, QBE Insurance Australia
12:30 Networking lunch (Please let us know two weeks prior of any dietary requirements) 1:30 Privacy by design óó Understanding the importance of implementing privacy early on óó Ensuring privacy is proactive and not reactive óó Embedding privacy in all parts of the information life cycle Alan Duncan, Director of Data Governance, University of New South Wales
POST- FORUM workshopS Tuesday, 24 September 2013
Registration: 8.30 am Workshop starts: 9.00 am Workshop ends: 12.00 pm
Best Practice Data Governance and Privacy: Ensuring Data Governance for Effective Data Privacy and Security Measures
Facilitated by: Alan Duncan, Director of Data Governance, University of New South Wales About the workshop: Recent changes in legal frameworks and increased authority of the Information Commissioner have put additional onus on organisations to implement robust Data Management practices, although the process of compliance can seem costly and without benefit. Meanwhile, adopting a holistic approach to Data Governance can help you derive maximum business value from your organisation’s data assets, while maintaining data security and achieving regulatory compliance in a cost-effective manner. This interactive workshop will explore: • The capabilities required for an Enterprise approach to Data Governance. • The implications of regulatory requirements for privacy, security and openness. • The relationship between Data Governance and Information Security. • Achieving compliance in a cost effective manner as a by-product of improved business process.
About the workshop leader: Alan D. Duncan is Director of Data Governance at University of New South Wales, Australia and an evangelist for information and analytics as enablers of better business outcomes. An executive-level leader in the field of Information and Data Management Strategy, Governance and Business Analytics, he has over 20 years of international business experience, working with blue-chip companies in a range of industry sectors. Alan was named by Information-Management.com in their 2012 list of “Top 12 Data Governance gurus you should be following on Twitter”..
Guide Your Organisation to take ‘Reasonable Steps to Protect Personal Information’ through a Practical Privacy Maturity Model
About your workshop leaders: Joel Camissar manages McAfee’s data protection business – the company’s fastest growing practice – across Asia Pacific. He leads a cross-functional team and works with some of the largest companies in the region to translate business requirements into technical solutions that deliver rapid time to value. Camissar has more than 15 years’ experience in the IT sector having held a range of senior roles with ArcSight, Websense, Trend Micro, MIMEsweeper and Gateway. Kenneth Pang manages Content Security's consulting team. He and his team provide security advisory services to assist companies in implementing industry best practices, and to meet regulatory and industry compliance standards. Ken has been working in IT Security since 1997, and has worked across many different industries with consulting firms such as IBM, EDS, Dimension Data, and Trend Micro.
Registration: 12.30 pm Workshop starts: 1.00 pm Workshop ends: 4.00 pm Facilitated by:
Joel Camissar, Practice Head, Data Protection & Privacy, McAfee & Kenneth Pang, Manager, Content Security Consulting, Content Security
About the workshop:
Do you feel daunted with how to take the Privacy Amendments and turn them into practical improvements by March 2014? To assist in this process, the Office of the Australian Information Commissioner (OAIC) has published a “Guide to Information Security – Reasonable steps to Protect Personal Information.” Attending this workshop will give you practical insights on what “reasonable steps” looks like. Participants will leave with a Model that can be used internally to assess how mature your organisation is in Privacy and Data Protection, along with practical steps that you can take to achieve compliance by March 2014. The content of the workshop will cover: • • • • • A Privacy Optimisation Model – How does your organisation rate: Reactive, Compliant, Pro-active or Optimised? How to create a compelling business case for privacy and engage with business stakeholders Using the OAIC Guide to Information Security to review and improve technology controls How to create and run an education and awareness campaign to change employee behaviour Beyond March 2014 – how to leverage a privacy program to reduce risks of Intellectual Property leakage and aid with PCI Compliance.
WARNING: The workshop will be highly interactive with participants working in small teams to contribute to the modules above
5 ways to boo k your place AT t h is eve n t
Phone: +61 1300 550 662 +61 (02) 8913 4000 Fax: +61 1300 550 663 +61 (02) 8913 4099 Email: firstname.lastname@example.org Web: www.arkgroupaustralia.com.au Post: Send the completed registration form to Ark Group Australia Pty Ltd, Main level, 83 Walker Street, North Sydney, NSW 2060
Next-Generation Data Privacy and Security 23-24 September 2013 Sebel Surry Hills, Sydney Australia
put your details here (please print):
Forum and One Workshop
Pricing circle choice Standard Pricing
qsave $200 $2185 + GST =$2403.50 qsave $300 $2085 + GST = $2293.50 qsave $400 $1985 + GST = $2183.50
qsave $100 $1590 + GST = $1749 qsave $200 $1490 + GST = $1639 qsave $300 $1390 + GST = $1529
q$995 + GST = $1094.50 qsave $50 $945 + GST = $1039.50 qsave $150 $845 + GST = $929.50
q$695 + GST = $764.50 qsave $60 $635 + GST = $698.50 qsave $100 $595 + GST = $654.50
Early bird (exp: 30/08/2013) Member offer (exp:30/08/2013)
any other offer
Not valid with any other offer
I am a member of an organisation supporting this forum Not valid with
Delegate 1st 2nd 3rd 4th
I have read and accepted the booking conditions
Event venue and accommodation Preferential rates are available at the Sebel Surry Hills, Sydney. Please contact the hotel directly to make your reservation, quoting ‘Ark Group Australia’ as your reference. The Sebel Surry Hills, Sydney 28 Albion Street Surry Hills NSW 2010 (02) 9289 0000 http://www.sebelsurryhills.com.au/
Please note: Payment must be received in full prior to the event to guarantee your place
Card number Expiry date Cardholder’s name Cardholder’s signature
o American Express
o Payment enclosed (Cheques should be made payable to Ark Group Australia Pty Ltd) o Please invoice me
Booking conditions 1. Bookings can be submitted at any stage prior to the event, subject to availability. A limited allocation is being held and booking early is therefore recommended. In the event of the booking not being accepted by Ark Group Australia the total amount will be refunded. 2. Payment must be received in full prior to the course. 3. All speakers are correct at the time of printing, but are subject to variation without notice. 4. If the delegate cancels after the booking has been accepted, the delegate will be liable to the following cancellation charges: Cancellations notified over 45 days prior to the event will not incur a cancellation fee. In the event of a cancellation being between 45 and 30 days prior to the event, a 20% cancellation fee will be charged.
For cancellations received less than 30 days prior to the event, the full delegate rate must be paid and no refunds will be available. All bookings submitted by e-mail, fax, or over the telephone are subject to these booking conditions. All cancellations must be received in writing. Ark Group Australia will not be held liable for circumstances beyond their control which lead to the cancellation or variation of the programme. All bookings, whether Australian or overseas will be charged Australian GST at the prevailing rate at the time of booking. Delegates are responsible for their own travel, accommodation and visa requirements.
Sponsorship or Exhibition Opportunities If you are interested in sponsoring or exhibiting at this event please contact Ark Group Australia on: Phone: 1300 550 662 Email:email@example.com
5. 6. 7. 8. 9.
We occasionally allow reputable companies to mail details of products we feel may be of interest. If you do not wish to receive this service, please tick this box q