ISACA Ireland Chapter (South West) Conference Governance Risk
Date: 22nd June
Time: 9:00 – 17:00
Venue: Clayton Hotel, Silversprings, Cork
ISACA Ireland is pleased to announce this full one-day Conference in the South West of Ireland. We do hope it is the first of many.
The conference theme is GRC and we hope to examine GRC in terms of its use as buzzwords and ask the question: Is the overall concept a benefit or burden? GDPR and Privacy, in general, will feature strongly.
8:00 am to 9:00 AM Registration
9:00 AM 9:15 AM Opening Feargal O’Neill ISACA Ireland Chapter President – Opening Of the Event
9:15 AM 10:00 AM Gonzalo Caro Microsoft / IAPP Personal Data Protection & Governance –
The GDPR era: a tale of risk management”
Synopsis: May 25 marked the ‘end of the beginning’ for GDPR readiness. Many companies claim to be ready while others do not hide their unpreparedness. How is GPDR shaping the agendas of Risk & Compliance programs? Is Data Protection the new SOX? Gonzalo Caro, Data Protection Manager in the Microsoft Services division, will go through the key practical challenges and opportunities that lie ahead in terms of embracing GDPR.
10:00 AM 10:45 AM Jason Burns IBM The past, present and future or AI and how to govern it…
Synopsis: Jason will provide a brief history of AI and its origins before moving on to what companies like IBM are doing in this space and finally looking to the future and our current thinking about how best to govern AI.
10:45 AM 11:15 AM Coffee break
11:15 AM 12:00 PM Steve Jones RedGate Software DevOps and Governance
Synopsis: Steve will use demos and tools to move some database changes through from development to production in a DevOps style format, but go back and ask questions about “when did this happen”, “who made the change”, “is there private data?”, etc. Then he will look for the instrumentation that a DevOps process provides to understand what happened. I will also show a couple “ad hoc” changes, and why this isn’t easily audited.
12:00 PM 12:45 PM John Brady Hertz BUGS (Bad, Ugly and Good) of Risk Registers
12:45 PM 2:00 PM Lunch
2:00 PM 2:45 PM Louise O’Brien KPMG / DAMA Data Management in the Era of Dark Data – New Challenges and New Approaches
The digital universe is doubling in size every year, and by 2020 is expected to contain at least 44 zettabytes of (mostly unstructured) data. The ability of organisations to create or source this data will in many cases far exceed their ability to analyse it to drive business value. This unused data is considered “dark”, and represents a huge untapped resource. Organisations are keen to harness this dark data to reveal insights that will provide a strategic advantage for their business.
During this presentation Louise will discuss the opportunities and challenges that dark data presents for Data Managers, covering:
- The new strategies and technologies that will be generating large volumes of data, including social media listening and Internet of Things.
- The risks associated with the storage and management of large volumes of unstructured data, specifically information security and data protection risks.
- Personal data and the rights of data subjects in an ever-increasing regulatory environment – the NIS Directive and EU GDPR.
- The tools and methodologies available to analyse unstructured dark data.
- Perishability of insights and the treatment of stale data.
- Transformation of dark data into a corporate asset.
2:45 PM 3:15pm Coffee break
3.15pm 3:45pm Everett Breakey ISACA Ireland Chapter – CSX Fundamentals – The good, bad, and ugly of the Skills Gap
In Jan 2018 CSOONLINE.Com carried a survey of 620 IT and cybersecurity professional across all industries, with respondents working in North America and Western Europe. Respondents were asked to identify areas in which they have a “problematic shortage” of skills on an annual basis. In the survey respondents said cybersecurity represents the biggest area where their organizations have a problematic shortage of cybersecurity skills. The #2 response was IT architecture/planning, and the #3 response was server/virtualization administration. It’s good in that there is work out there for those suitably skilled. It’s bad if you are an employer. It can be a bit ugly getting started. . What can ISACA do to make things a little prettier?
3:45pm 4:15pm Panel – All Speakers -Panel Discussion on “Governance Risk Compliance – The GRC 3 B’s – Buzzwords, Benefits, or Burden?”
4:15 PM 4:30 PM Wrap up Feargal O’Neill ISACA Ireland
Gonzalo Caro, CDPO, CIPP/E, is a Dublin-based Data Protection & Privacy Manager in the Microsoft Services division. With more than 18 years’ experience in Governance, Risk & Compliance and Operations, Gonzalo was previously responsible for controls and compliance for the Microsoft EMEA Commercial business (~$15bn p.a.) across different risk and compliance domains (order-to-invoice, business continuity and data protection), and was the chair for Microsoft Ireland’s Governance and Compliance Board of Directors. Gonzalo graduated with First Class Honours in Business Management through Dublin Business School and also completed studies in Philosophy and Logic in Badajoz (Spain). Gonzalo obtained the Certified Data Protection Officer qualification in May 2017 via UCD. Gonzalo has also co-chaired the IAPP KnowledgeNet in Ireland since 2016, being a CIPP/E qualified member of the association. On a personal note, Gonzalo lives in Dublin with his wife and 12-years’ old daughter and is an avid flamenco guitar player.