White Paper – The Skill Set Needed to Implement a Global Privacy Standard: ISO/IEC 27701 alignment with IAPP CIPM and CIPP/E certifications

(Nov 7, 2019) In August 2019, the International Standards Organization released its first global privacy standard, ISO/IEC 22701. To offer insight into the professional skill set necessary to implement this new global privacy standard, the International Association of Privacy Professionals’ Westin Research Center mapped ISO/IEC 27701 to the bodies of knowledge for a Certified Information Privacy Professional/Europe and a Certified Information Privacy Manager. Read More

The challenges DPAs, DPOs face to operationalize privacy at scale

(Oct 24, 2019) Businesses and data protection authorities are both facing challenges from a complex digital and legal ecosystem with a limited set of resources. That notion was clear during a panel presentation during the final day of the 41st Annual International Conference on Data Protection and Privacy Commissioners in Tirana, Albania.  "We need to operationalize privacy at scale," said Microsoft Corporate Vice President, Deputy General Counsel and Chief Privacy Officer Julie Brill. "Ensuring there are ope... Read More

Web con: 'Succeeding at the Nexus of Security and Privacy'

(Oct 10, 2019) Traditionally, security and privacy have sat separate from one another. However, there is significant overlap that is beginning to show in the area of unauthorized data access. Join the IAPP Oct. 17 for this sponsored web conference that discusses the growing overlap between security and privacy, how unauthorized data access impacts both fields, and how organizations can benefit by operating at the nexus of security and privacy to best handle the evolving compliance and threat landscapes. Speake... Read More

DHS official: Lack of cybersecurity talent a 'national security risk'

(Oct 4, 2019) A U.S. Department of Homeland Security senior official said the lack of cybersecurity professionals is a major issue for the country, TechCrunch reports. DHS Cybersecurity and Infrastructure Security Agency Assistant Director for Cybersecurity Jeanette Manfra said the agency has started to develop a curriculum for potential developers as they make their way through schools, in addition to workforce training programs to recruit and retain talent. "It’s a national security risk that we don’t have ... Read More

Survey: Data breaches draw concerns in Singapore

(Oct 3, 2019) ZDNet reports a poll of 252 chief information officers, chief technology officers and chief information security officers in Singapore has revealed 96% of respondents were affected by a data breach in the last year, but 84.5% believes they are better equipped to handle breaches compared to a year ago. While 42% of respondents reported their organization endured one data breach, 34% saw at least five breaches, and 15 organizations reported they were hacked at least 10 times. Organizations are tak... Read More

New study surveys CISOs on breach response

(Sep 26, 2019) A new study from Symantec and Goldsmiths, University of London surveyed 3,000 chief information security officers and found that more than half believe "learning from failure is an important part of the process for improving corporate cybersecurity measures," ZDNet reports. Conversely, however, 54% of respondents said they do not discuss breaches with peers in the industry, while 36% said they fear sharing such information could "negatively impact their future career prospects." Chris Brauer, on... Read More

UC Irvine researching cyber insurance

(Sep 25, 2019) Academic researchers from the University of California, Irvine are doing research on cyber insurance to better understand the role of insurance companies for private-sector cybersecurity. This study — which is not being fielded by the IAPP — is being led by UCI Law Professor Shauhin Talesh and UCI’s Cybersecurity Policy & Research Institute Executive Director Bryan Cunningham. They hope to raise awareness about the role cyber insurance plays in society to help prevent and assist with data br... Read More

IAPP-EY Annual Governance Report 2019

(Sep 24, 2019) Now in its fifth year, the IAPP-EY Privacy Governance Report has evolved over time, along with the privacy profession itself. This year, almost as many of the 370 respondents to the survey hailed from the European Union as from the United States. This reflects the growth of the privacy and data protection profession in the EU in reaction to the GDPR. The GDPR has driven growth in privacy-pro ranks in the U.S., as well. Read More

What you need to know about China's new draft measures on cross-border data transfers

(Aug 27, 2019) Recently, the Cyberspace Administration of China released new draft "Measures on Security Assessment on Cross-border Transfer of Personal Data" for public consultation. The June 13 release presents another approach to cross-border data transfer under the China Cyber Security Law. These CAC New Draft Measures superseded the previous efforts of CAC on cross-border data transfer, i.e., CAC’s draft "Measures on Security Assessment on Cross-border Transfer of Personal Data and Important Data" and the... Read More