Key Points
  • Receive expert advice on how to identify and report a breach to the ICO
  • Gain legal expertise, evaluate your duties and liabilities in the event of a breach
  • Review lessons from high profile incidents and ensure your incident response plan is up to date
  • Learn how to risk assess your vulnerabilities and contain and isolate a breach promptly when it happens
  • Best practice for training staff as your first point for prevention
  • Reporting to European Data Protection Authorities (DPA) post Brexit


Overview
Data breaches are a serious threat to all types of businesses, public sector organisations and charities.

Attend this one-day Preventing and Responding to a Data Breach Online Training to improve your ability to detect a data breach and respond promptly. Designed for public and private sector organisations, we will walk you through the key areas in the lifecycle of an incident:

  • Identifying a data breach
  • Triage and developing a crisis response plan
  • Identifying vulnerabilities
  • Complying with legal processes and reporting procedures
  • Damage control
  • Embedding lessons learned

This course will help you develop strategies to evaluate your procedures and protect your organisation from serious financial, reputational, and legal risks.

Through a range of interactive sessions, you will have the opportunity to test your skills through live scenario discussions. Our legal surgery will allow participants to raise their queries and get feedback from a legal expert. Our speakers will share their experiences of advising high profile organisations in recent incidents which will help you embed learnings into your response plan.

The training will be relevant to technical teams, senior management and Board level executives who will be involved in an organisation’s response to a breach.

Course Leader:
David Stubley, CEO, 7 Elements
Founder and CEO of 7 Elements, David brings over 20 years of experience within the technical security market, where he has gained a wealth of knowledge and expertise through the delivery of security testing and in the provision of technical expertise to high profile incidents. His specialist skill is bridging the gap between technical teams, senior management and C-level executives, to improve the understanding, use and development of security testing and incident response. David is an active member of the wider security industry, regularly presenting on the subject of information security and its many facets.

Guest Speakers:
Mathew Schwartz, Executive Editor, DataBreachToday & Europe, ISMG
Laura Irvine, Partner, Davidson Chalmers Stewart LLP

Agenda
Start

10:00 - 10:10
Course Introduction

 

10:10 - 11:00
Identifying a Data Breach

 
  • Understanding what a data breach is
  • Determining exposed data and information that was compromised 
  • Containment: Isolating data breaches and preventing an escalation 
  • Establishing and following internal communication procedures 
Led by David Stubley

11:00 - 11:45
Developing a Business Continuity and Crisis Response Plan

 
  • Defining roles and responsibilities 
  • Building a plan step by step 
  • Reviewing departmental responsibilities from triaging to containment and recovery
Participants will review the basics for developing crisis response plan and will get the opportunity to get feedback on their scenario planning

Led by David Stubley


11:45 - 12:00
Break

 

12:00 - 12:45
How to Prevent a Data Breach: Risk Assessments, Vulnerabilities and Staff

 
  • Improving defence and response capabilities 
  • Identifying your database vulnerabilities 
  • Training staff to identify weakest link and preventing human errors 
Led by David Stubley

12:45 - 13:15
Immediate Responses to a Data Breach: Complying with Legal Processes

 
  • Understanding your legal obligations as an organisation  
  • Determining when and how to notify the corresponding ICO 
  • Reviewing regulatory changes when reporting breaches to European Data Protection Authorities post Brexit
  • Gathering and presenting evidence 
Led by David Stubley

13:15 - 13:40
Legal Surgery

 
Get your questions answered by our legal expert

Speakers

Laura Irvine Partner, Davidson Chalmers Stewart LLP

Read profile


13:40 - 14:20
Lunch Break

 

14:20 - 15:10
Internal and External Responses to a Data Breach: Damage Control

 
  • Reviewing the scope of the financial, social and reputational damage (legal, communications, IT)
  • Informing affected individuals 
  • Dealing with public scrutiny
Participants will have the opportunity to interact and comment on different scenarios and cases where organisations were fined or faced public backlash 

Led by David Stubley

15:10 - 15:50
Embedding Lessons Learned from a Data Breach

 
  • Learning lessons from other people’s breaches 
  • Reinforcing cyber security systems
  • Recovering loss of information
  • Rebuilding trust
  • Ensuring prevention and resilience  
Participants will get expert analysis from recent practical case studies of high profile incidents in the past year and review lessons learned

Speakers

Mathew Schwartz Executive Editor, Data Breach Today & Europe

Read profile


End

Speakers

Laura Irvine Partner, Davidson Chalmers Stewart LLP

Read profile

Mathew Schwartz Executive Editor, Data Breach Today & Europe

Read profile

David Stubley CEO, 7 Elements

Read profile


Venue details

Online Event Broadcast Live


Speakers
X Close