Wednesday 31-May-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: Rotunda (Main floor past the elevators)
This month we have Robert Beggs hosting a session on the management and techniques for a successful breach response and Fazila Nurani providing insight into the legal aspects of breach response.
As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.
Any questions email firstname.lastname@example.org. We look forward to seeing you there!
Robert Beggs, Founder and CEO, DigitalDefence
Surviving the Disaster – Secrets of a Successful Incident Response
The resent of wave of ransomware attacks is a bitter reminder that “patch and pray” is no longer an effective strategy for protecting a network and its data. Realistically, organizations have to act as if a security incident is inevitable, and be prepared to successfully manage that response. During this talk, we’ll examine how both technical and management teams can optimize their response process – what are the tools, techniques, and processes that enable success. We’ll cover the secrets of fighting back, including:
- How to effectively prepare for an incident
- The incident response policy
- Standard operating procedures – making your playbook
- Managing and incident response
- Effective internal and external communications
- Training the incident response team
- After the incident – what are the lessons you need to learn, and share
- Cyberinsurance – is it really the best “last response”?
Fazila Nurani, President and Founder, PRIVATECH
Legal Perspectives on Data Breaches
Fazila Nurani is the President and Founder of PRIVATECH, a firm specialized in advising organizations on best practices relating to privacy, information management and Canada’s anti-spam law (“CASL”). Ms. Nurani was called to the Bar in 2001 after completing a degree in Electrical Engineering at the University of Waterloo, and a degree in Law at the University of Toronto. Ms. Nurani advises businesses in a range of industries, including the insurance and health sectors, technology companies and financial service providers. Ms. Nurani also provides direction to public sector entities considering initiatives with privacy implications, and has worked extensively with the Office of the Privacy Commissioner of Canada. Ms. Nurani is a Certified Information and Privacy Professional in Canada, a Certified Information Systems Auditor, and serves on the Boards of Directors for two not-for-profit organizations.
This session will cover:
- Guidance from the regulators on managing a privacy breach
- Existing legal obligations in Canada and upcoming breach notification and reporting rules
- The ‘real risk of significant harm’ test that triggers legal obligations in a breach situation
- Breach response obligations under GDPR for organizations who store information about EU data subjects
- Investigations and case law that indicate why a strong breach response plan must be a top priority
Meeting Location: 55 john Street, Toronto. Room: Rotunda (Main floor past the elevators)