Greater Detroit (ISC)2 Chapter Meeting SEPTEMBER 25, 2018

Topic: General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) imposes new rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where they are located. It includes enhanced privacy rights, increased responsibility for protecting data, strict breach reporting and significant penalties for non-compliance.

In this session we will review what GDPR is, what has changed from traditional privacy protection, challenges organizations will face with complying with GDPR and why you should comply (large potential penalties). Additional, we discuss at a high level, how to get started with documenting data in scope, assessing compliance and developing a plan to address GDPR gaps. We will focus on both the privacy and cybersecurity requirements of complying with the GDPR.

.

Speaker: Mike Lipinski

Mike is a Principal in the Cybersecurity practice at Plante Moran.  Mike has spent 28 years in information technology, 20 plus of those focused on information security and risk.  Mike has hands on experience building, managing and maturing IT, information security, risk, governance, business continuity and privacy programs in his roles as CIO, CTO, and CISO. Mike has also worked with numerous clients across industries such as financial services, insurance, healthcare, pharma, automotive, manufacturing, government, aviation and energy to assess, design, build run and develop risk, IT governance, and information security programs. Over the past couple of years Mike has been focused on helping organizations build and mature Insider Threat programs, next generation security operation centers, Cyber risk and Fraud programs. Mike has also worked closely with both the energy sector and government on protecting critical infrastructure. Mike’s experience includes design, deployment, management and audit of IT and information security systems, policy and controls development, security and risk programs including ISO, NIST, SANS 20, COSO and OCTAVE, compliance and privacy programs including GLBA, HIPAA, SOX, and PCI. Mike holds a BS in Electrical Engineering from Lawrence Technological University. Mike also holds a patent for developing a new method for determining risk in information systems. Mike is a frequent speaker at industry conferences and trade events and is published regularly in white papers, blogs, news and magazines.

If you have any questions, please post them on LinkedIn or contact us at info@isc2greaterdetroit.org

 Also, you can visit our new website at http://isc2greaterdetroit.org/Events.aspx .