Operationalizing your information security and privacy programs: Building defensible programs that withstand regulatory and legal scrutiny


To build comprehensive, reasonable, and defensible information security and privacy programs, organizations need to develop, implement, and maintain data governance programs that incorporate detailed understanding of the data they collect, own, and share, and understand aspects of each regulation that affects the design of the corresponding information security and privacy programs.

Our panelists will discuss the following:

  • The current information security and privacy landscape
  • The impact of evolving regulation on the legal risks associated with breaches
  • Potential cost of a breach (the numbers are rising!)
  • Practical tips for developing, implementing, maintaining, and monitoring risk-based, comprehensive, reasonable information 
    security and privacy programs capable of withstanding scrutiny
  • Options for providing independent assurance on the effectiveness of information security and privacy programs to a variety 
    of internal and external stakeholders