Traditionally, privacy and security have been poles apart. We’ve seen an increased effort in the industry to align these two functions, especially as heavyweight regulations like GDPR and CCPA become effective. This week’s 2019 PrivSec Conference at Columbia University in New York seeks to further unite privacy and security with two days of inspiration and instruction from industry leaders.

Day one of the conference confirms this alignment – and an alignment between privacy and security around some major concerns. As I chat in the exhibit hall with my privacy colleagues, I’m hearing the same topics of concern coming up across industries and titles:

  • Prepping for CCPA. Five sessions alone are dedicated to the long-anticipated California Consumer Privacy Act, which goes into effect on January 1st, 2020—a mere two months away. The threat of heavy fines and some unclear language make compliance a challenge.
  • Learning from GDPR. This sweeping law is nearly 18 months old, and three back-to-back sessions are all about sharing lessons learned over the past year and a half. These include a deep dive into recent GDPR enforcement cases and what insights the U.S. can gain from this regulation.
  • Improving collaboration between privacy and security. With the passage of GDPR and other similar laws, compliance is top-of-mind for organizations that handle personal data (which is just about everybody!). To meet complex regulatory requirements, privacy and security must work hand in hand.
  • Addressing privacy and compliance challenges in technology. Blockchain, AI, connected cars, the cloud. The list of new and emerging technologies is always growing, and so do the concerns over data privacy. Quite a few workshops are dedicated to helping you understand and meet these challenges.
  • Building a proactive incident response plan (a RadarFirst event!). With privacy and security incidents involving personal data a daily occurrence, organizations need a proactive incident response program to reduce breach response time, improve privacy program reporting, and comply with complex breach-notification laws such as GDPR, CCPA, and PIPEDA. My colleagues had two sessions around these topics:
    • Anatomy of a Privacy Incident: Best Practices in Incident Response with Brian Seaberg, sales director at RadarFirst
    • Incident and Breach: How to Build a Proactive Response Plan (Panel), an all-star panel featuring Holly Amorosana, FVP, Chief Privacy Officer at Apple Bank;  Lana Yang, senior counsel at Mitsubishi; and Melissa King, director of sales at RadarFirst

Of course, opportunities to meet and mingle will abound at the conference, and networking with like-minded professionals can be as valuable as attending the formal sessions. If you’re lucky enough to be in attendance today, we invite you to visit the RadarFirst exhibitor booth (#12) for day two and get an in-depth view of how incident response software can help you build a strong privacy program.

Let’s keep the conversation going! Some must-read resources for PrivSec attendees: