SlideShare une entreprise Scribd logo
1  sur  163
Managing Privacy RiskManaging Trust?,[object Object],Víctor Chapela – Sm4rt,[object Object],Nathaly Rey – ISMS Forum Spain,[object Object]
Privacy Origin,[object Object],	Human Rights,[object Object],The right to a dignified life,[object Object],Legal order independence,[object Object],	Universal Declaration of Rights (1942),[object Object],Right to intimacy,[object Object],Information self-determination / Privacy ,[object Object]
What do we understand by Privacy?,[object Object],Having control over my personal information ,[object Object],The ability to limit:,[object Object],Who keeps it,[object Object],What can be done with it,[object Object],Purposes of use,[object Object]
Privacy in the World,[object Object]
Legal and Institutional Frameworks,[object Object],International: Standardization efforts,[object Object],European: Under revision,[object Object],US: Consumer Protection approach,[object Object],Canada: Sector based approach,[object Object],Latin America: European Model?,[object Object],Others,[object Object]
Privacy Regulatory Overview,[object Object],                 EU,[object Object],                 USA,[object Object],EU“light”,[object Object],Hábeas Data,[object Object],        Four Main Groups,[object Object]
Universally Accepted Privacy DirectivesMadrid Conference: Privacy and Data Protection Authorities of the 5 continents,[object Object]
Principles,[object Object],Lawfulness and fairness ,[object Object],Purpose specification,[object Object],Openness (Information),[object Object],Proportionality,[object Object],Data quality ,[object Object],Accountability,[object Object]
Legitimacy of Processing,[object Object],Consent,[object Object],Sensitive Data,[object Object],Provision of processing services,[object Object],International transfers,[object Object]
Rights,[object Object],Access ,[object Object],Rectify,[object Object],Delete,[object Object],Opposition,[object Object]
Monitoring and Liability,[object Object]
Proactive Measures,[object Object]
Chief Privacy Officer,[object Object],What is a Chief Privacy Officer?,[object Object],Which is his place in the organization?,[object Object],Solid knowledge and ample experience,[object Object],Certified Data Privacy Professional,[object Object]
Risk Management,[object Object],14,[object Object]
Risk Management,[object Object],Audit,[object Object],Independence,[object Object],Qualified expert,[object Object]
Privacy Impact Analysis,[object Object]
Mexico’s Privacy Law	,[object Object],ü,[object Object],ü,[object Object],ü,[object Object],ü,[object Object],ü,[object Object]
Specific Aspects and Challenges,[object Object],Specific Aspects,[object Object],Financial Data,[object Object],Auto-regulation,[object Object],Criminal charges,[object Object],Fines up to US $2.8M ,[object Object],Challenges,[object Object],Privacy Notice: proof,[object Object],Strategy for compliance,[object Object],Privacy Awareness,[object Object]
Link between Privacy and Security,[object Object]
Why isPrivacy agrowing concern?,[object Object]
How can we understand ,[object Object],Digital Risk?,[object Object]
3 Types ofDigital Risk,[object Object], Accidental,[object Object], Opportunistic,[object Object], Intentional,[object Object],3. Intentional,[object Object]
		Intentional 	Digital Risk = Threat  x 	Vulnerability,[object Object]
Threat hasincreasedgeometrically!,[object Object]
Vulnerabilities areincreasing exponentially!!,[object Object]
Digital Risk = Threat x Vulnerability,[object Object],Threat ,[object Object]
Perceived Risk is Reduced,[object Object]
We all feel anonymous!This is true for criminals as well…,[object Object]
Without risk we all become lawbreakers!,[object Object]
By reducing the risk of breaking the law, everyone’s risk has grown,[object Object]
Profitability = Return / Risk,[object Object]
We are arriving at a new balance,[object Object],Profit,[object Object],Risk,[object Object]
Much more illegal money to be made!,[object Object]
Threathasincreasedgeometrically,[object Object]
Digital Risk = Threat  x Vulnerability,[object Object],Vulnerability,[object Object]
Wehavelost,[object Object],Control,[object Object]
Computers	 used to be	deterministic,[object Object]
Our digitalWorld hasbecome,[object Object],Undeterministic,[object Object]
Computers have become so complex they are not predictable any more,[object Object]
We rebootas a way to return to a known state,[object Object]
In chaotic systems we can only predict the first fewiterations,[object Object]
Networks increase complexity,[object Object]
Managing privacy
Managing privacy
36  Nodes,[object Object],630  Connections,[object Object],2,783,137,628,160 Sockets,[object Object]
Moredevices = even moreconnections,[object Object]
Connections 	Grow Exponentially,[object Object]
Network connection growth 		creates,[object Object],Value,[object Object]
Butitalso increases Complexity,[object Object]
Complexity andUnpredictability increaseFrustration,[object Object]
Risk,[object Object],As well as,[object Object]
How doesDigital Risk affectPrivacy?,[object Object]
Reduced   Privacy 	risk perception,[object Object]
TheNature of Privacy Risk isnot new,[object Object]
Privacy Risk hasincreased because of4 aspects,[object Object]
1. Speed,[object Object]
It use to take days or weeks for information to be shared,[object Object]
Now it is instantaneous!,[object Object]
2. Dispersion,[object Object]
The same people that would keep our secrets…,[object Object]
… are now becoming digital information broadcasters,[object Object]
Every single tweet is received in average by over 487 people,[object Object],The most retweeted message was received by more than 24 million accounts,[object Object]
3. Persistence,[object Object]
We used to easily control, restrict access and destroy physical copies of our personal data,[object Object]
Source: http://www.civic.moveon.org/facebook/chart/,[object Object]
4. Clustering,[object Object]
Our files used to be difficult toaccess,[object Object]
Now it is all clusteredandavailable worldwide ,[object Object]
Therefore, if you were caught at an inconvenient state…,[object Object]
…your girlfriend would have immediate access…,[object Object]
… as well as all her friends…,[object Object]
…probably, forever!,[object Object]
So yes, privacy is a growing concern,[object Object],And not only at a reputational level,[object Object]
Privacy is always a risk for INDIVIDUALS,[object Object],An organization’s risk always translates to individual stakeholder risks,[object Object],Employees get fired,[object Object],Users or customers are damaged,[object Object],Shareholders lose money,[object Object]
Two types of Privacy,[object Object],Intimacy,[object Object],Identity,[object Object]
Intimacy,[object Object],Ethnic origin or race,[object Object],Health,[object Object],Religious, philosophical and moral beliefs,[object Object],Syndicate affiliation,[object Object],Political views,[object Object],Sexual preference,[object Object]
Identity,[object Object],Name and address,[object Object],e-Mail,[object Object],Location,[object Object],Biometrical readings,[object Object],Payment card number,[object Object],User and password,[object Object],Behavioral information,[object Object]
Two types of Privacy,[object Object],Intimacy,[object Object],Perception <- Trust,[object Object],Regulation Compliance,[object Object],Identity,[object Object],Perception <- Trust,[object Object],Information Value,[object Object]
The most valuable piece 	of our personal information 			is our Identity,[object Object]
Most valuable, for others!,[object Object]
2009 Data Breach Investigations Report,[object Object],Verizon Business RISK Team,[object Object]
98% Payment Card Data,[object Object]
1.5% Other Personal Information,[object Object]
Information posted for Sale,[object Object],Rank	%	Information,[object Object],23%	CVV2 Numbers,[object Object],18%	Credit Card Numbers,[object Object],15%	Credit card expiration dates,[object Object],12%	Addresses,[object Object],11%	Phone numbers,[object Object],6%	Email addresses,[object Object],5%	PIN for credit or debit cards,[object Object],4%	Social Security numbers,[object Object],4%	Full names,[object Object],2%	Dates of birth	,[object Object],http://www.symantec.com/business/theme.jsp?themeid=threatreport,[object Object]
Managing privacy
How was this data stolen?,[object Object]
2/3 Hacking,[object Object]
1/3 Malware,[object Object]
Malware,[object Object]
Hacking,[object Object]
79% SQL Injection,[object Object]
Managing privacy
Managing privacy
Managing privacy
Credit or Debit		Cards,[object Object]
and OnlineBanking	,[object Object]
Personal			Information,[object Object]
Are both part of IdentityTheft,[object Object]
Over100billion,[object Object],per year in losses,[object Object]
300%,[object Object],yearly growth rate,[object Object]
Two types of Privacy,[object Object],Intimacy,[object Object],Privacy Regulation Risk Management,[object Object],Identity,[object Object],Value Based Risk Management ,[object Object]
They are divided into two groups:,[object Object],Redundancy,[object Object],Availability?,[object Object],Business ,[object Object],Impact,[object Object],BIA,[object Object],Filters andAuthentication,[object Object],Confidentiality and Integrity?,[object Object],Market ,[object Object],Value,[object Object],IVA,[object Object]
Information Value Analysis,[object Object],Information Risk= Impact x Probability,[object Object],Impact is determined by estimatingEconomic Value,[object Object],Probabilityismeasured by calculating Potential Connections,[object Object]
How tocalculateinformation value?,[object Object]
Intentionality,[object Object],Information,[object Object],Assets,[object Object],Information,[object Object],User Profiles,[object Object],Potential,[object Object],Losses,[object Object],Possible,[object Object],Attacks,[object Object],High Risk,[object Object],Nodes,[object Object],EconomicValue,[object Object],Access to High Risk,[object Object],Nodes,[object Object],Attacker,[object Object],Profit,[object Object],Known,[object Object],Attacks,[object Object]
Managing privacy
We need to accept Risk,[object Object],Potential moves are infinite,[object Object]
Highly Dynamic Environment,[object Object]
Theboard changes daily,[object Object]
ThePieceschange daily,[object Object]
Therules change daily,[object Object]
Players change daily,[object Object]
TheEnd justifies theMeans,[object Object],In preventing Intentional Risk ,[object Object],nothing less than securing allvectors is enough,[object Object]
Defense must 		be Optimized,[object Object]
Optimize Speed,[object Object]
Optimize Resources,[object Object]
Value Management Method,[object Object],Possible ,[object Object],Incidents,[object Object],Real,[object Object],Incidents,[object Object],Applicable,[object Object],Incidents,[object Object],Recurring,[object Object],Incidents,[object Object],Measurement of Added Value,[object Object],Prioritized Incidents,[object Object]
This is how we estimate threatandImpact,[object Object]
How are probability 				andVulnerabilitycalculated?,[object Object]
Assets& ,[object Object],Account Profiles,[object Object]
Assets & ,[object Object],Account Profiles,[object Object]
      COBIT,[object Object],Risks,[object Object],EfectividadEficienciaConfidencialidadIntegridadDisponibilidadCumplimientoConfiabilidad,[object Object],Business Requirements,[object Object],AplicacionesInfraestructuraInformaciónPersonas,[object Object],DOMINIOS,[object Object],PROCESOSACTIVIDADES,[object Object],IT Resources,[object Object],IT Processes,[object Object],Nodes,[object Object],Connections,[object Object]
Types ofNodes,[object Object],Information,[object Object],User,[object Object],Connection,[object Object],Information Node,[object Object],User Node,[object Object],Transfer,[object Object],Process,[object Object],Store,[object Object],Consult,[object Object]
NodeGrouping,[object Object],User Profiles,[object Object]
Graph Segmentation,[object Object]
Connection Measurement,[object Object]
Redundancy,[object Object],Availability?,[object Object],Business ,[object Object],Impact,[object Object],Assets,[object Object],Filters andAuthentication,[object Object],Confidentiality and Integrity?,[object Object],Market ,[object Object],Value,[object Object],Assets,[object Object],Accounts,[object Object]
Monitoring is also Required,[object Object],Availability?,[object Object],Business ,[object Object],Impact,[object Object],Monitoring & Response,[object Object],Assets,[object Object],Confidentiality and Integrity?,[object Object],Market ,[object Object],Value,[object Object],AssetsProfiles,[object Object]
Identity is the key to,[object Object],		better risk management,[object Object]
Default Close,[object Object],Default Open,[object Object],Availability,[object Object],Confidentiality,[object Object]
Focus controls on main risks,[object Object]
Determinewhich,[object Object],  nodes ,[object Object],tomonitor,[object Object]
Redundancy,[object Object],Activos,[object Object],Monitoring,[object Object],Filtering &Authenticacion,[object Object],Risk Operation Center,[object Object]
RiskAnalysis,[object Object]
Always,[object Object],R1,[object Object],Weak password storage protocol,[object Object],R5,[object Object],R2,[object Object],R2,[object Object],Absence of robust password policy,[object Object],R3,[object Object],Absence of data entry validation for web applications,[object Object],R3,[object Object],R4,[object Object],Possible,[object Object],Probability,[object Object],R1,[object Object],R6,[object Object],R4,[object Object],Existing applications with vulnerable remote support,[object Object],R5,[object Object],Weak wireless ciphered communication protocol,[object Object],R6,[object Object],Absence of operating system security configuration,[object Object],Almost never,[object Object],Very high,[object Object],Insignificant,[object Object],Medium,[object Object],Impact,[object Object],Main Risks,[object Object]
Quick Hits,[object Object],High,[object Object],S1,[object Object],S2,[object Object],Password Policy,[object Object],S5,[object Object],S4,[object Object],S2,[object Object],Migration of wireless communication protocol,[object Object],Strategic,[object Object],Quick Hits,[object Object],S6,[object Object],S3,[object Object],S1,[object Object],Strategic,[object Object],S7,[object Object],S3,[object Object],Security configuration guidelines for applications,[object Object],Moderate,[object Object],Positive Impact of Implementation,[object Object],S4,[object Object],Security configuration guidelines for operating systems,[object Object],Not Viable,[object Object],Nice To Have,[object Object],S5,[object Object],Migration of passwords storage protocols,[object Object],S6,[object Object],Secure application development process,[object Object],Minimum,[object Object],S7,[object Object],Migration of remote support protocol,[object Object],Minor,[object Object],Medium,[object Object],Major,[object Object],Effort,[object Object],Action Plan,[object Object]
Procesos,[object Object],Gente,[object Object],Tecnología,[object Object],Policies and Configuration Guidelines,[object Object],S3,[object Object],Security configuration guidelines for applications,[object Object],S4,[object Object],Security configuration guidelines for operating systems,[object Object],Governance,[object Object],S1,[object Object],Password policy,[object Object],Processes and Roles,[object Object],S1,[object Object],Superior Technologies,[object Object],User controls,[object Object],S7,[object Object],S8,[object Object],S0,[object Object],S9,[object Object],Migration of remote support protocols,[object Object],Network controls,[object Object],S5,[object Object],Migration of password storage protocols,[object Object],S2,[object Object],Migration of wireless communication protocols,[object Object],S2,[object Object],Host controls,[object Object],S4,[object Object],S5,[object Object],Recommendations for Sustainability,[object Object],Application controls,[object Object],S3,[object Object],4,[object Object],S7,[object Object],S8,[object Object],Secure change process administration,[object Object],Data level controls,[object Object],S9,[object Object],Risk administration process,[object Object],S0,[object Object],Vulnerability patches and updates process,[object Object],S6,[object Object],Secure application development process,[object Object],Recommendations,[object Object]
Q1,[object Object],Q2,[object Object],Q3,[object Object],Q4,[object Object],Q1,[object Object],Q2,[object Object],Q3,[object Object],Q4,[object Object],Risk Administration Implementation,[object Object],Secure application development ,[object Object],implementation,[object Object],Vulnerability patches and updates ,[object Object],process administration,[object Object],Secure change process administration,[object Object],Migration to robust remote support protocols,[object Object],Migration of wireless ,[object Object],communication protocol,[object Object],Migration of password storage,[object Object],Password policy,[object Object],Security configuration guidelines for ,[object Object],operating system,[object Object],Security configuration guidelines for applications,[object Object],2010,[object Object],2011,[object Object],Mitigation Roadmap,[object Object]
Demystifying the  Privacy Implementation 		   Process,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Business Process Analysis,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Identification of applicable Law,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Business Process Analysis,[object Object],Stakeholder Information acquisition,[object Object],Types of data,[object Object],Internal and external data flows,[object Object],Purpose of treatment,[object Object],Information systems and security measures,[object Object],Retention policies,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Data Lifecycle Inventory,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Privacy Legal & Regulatory Requirements (PIA),[object Object],1. Legal & Regulatory,[object Object],Contracts,[object Object],Clauses,[object Object],Privacy notices,[object Object],Authorizations,[object Object],Jurisdictions,[object Object],Other regulations ,[object Object],Money laundering ,[object Object],Sectorial,[object Object],Etc.,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Privacy Legal & Regulatory Requirements (PIA),[object Object],2. Technical,[object Object],Authentication & authorization,[object Object],Access control,[object Object],Incident log,[object Object],Removable media and document management,[object Object],Security copies,[object Object],Recovery tests,[object Object],Physical Access,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Privacy Legal & Regulatory Requirements (PIA),[object Object],3. Organizational,[object Object],Data privacy officer,[object Object],Roles and responsibilities,[object Object],Policies, procedures and standards,[object Object],Notifications to authorities,[object Object],Audits,[object Object],Compliance and evidence,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Legal & Regulatory Data Categories,[object Object],High Risk,[object Object],Syndicate Affiliation,[object Object],Health,[object Object],Sexual life,[object Object],Beliefs,[object Object],Racial Origin,[object Object],Medium Risk,[object Object],Financial Profile,[object Object],Personal Fines,[object Object],Credit Scoring,[object Object],Tax Payment Information,[object Object],Basic Risk,[object Object],Personal Identifying Information,[object Object],Employment,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
External Economic Data Value (IVA),[object Object],Black Market Value,[object Object],Sale price,[object Object],News Value,[object Object],Newspaper,[object Object],Magazines,[object Object],Television,[object Object],Competition,[object Object],Market Value,[object Object],Brand Value,[object Object],Political Value,[object Object],Authorities,[object Object],Fines,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Data Value Categories,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Asset Inventory,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Policy Generation,[object Object],How should this data be:,[object Object],generated?,[object Object],stored?,[object Object],transferred?,[object Object],processed?,[object Object],accessed?,[object Object],backed-up?,[object Object],destroyed?,[object Object],monitored?,[object Object],How should we react and escalate an incident or breach?,[object Object],How will we punish compliance?,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Controls, Standards & Procedures,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Controls are defined and mapped for each policy level,[object Object],Technical Standards,[object Object],Procedures,[object Object],Compensatory Controls,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Controls, Standards & Procedures,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
Implementation & Audit,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],BestPractices,[object Object],Laws and Regulations,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],PROCESSES,[object Object],Policy Generation,[object Object],APPLICATIONS,[object Object],PEOPLE,[object Object],Controls,[object Object],Controls, Standards, Procedures,[object Object],Evidence,[object Object],Implementation & Audit,[object Object],I.ACT,[object Object],D.SEG,[object Object],LOPD,[object Object],SOX,[object Object],LSSI,[object Object],ASSETS,[object Object],NETWORKS,[object Object],COMUNIC.,[object Object],CONTRACT,[object Object]
Implementation & Audit,[object Object],Business Process Analysis,[object Object],Data Lifecycle Inventory,[object Object],Data Value (IVA),[object Object],Legal & Regulatory Requirements (PIA) ,[object Object],Data Categories,[object Object],Data Categories,[object Object],Asset Inventory,[object Object],Policy Generation,[object Object],Controls, Standards, Procedures,[object Object],Implementation & Audit,[object Object]
RegulatoryRisk Management,[object Object],Types,[object Object],Impact,[object Object],Fines,[object Object],Reputation,[object Object],Image,[object Object],Good,[object Object],Corporative,[object Object],Governance,[object Object],Laws and norms,[object Object],Indemnities,[object Object],Client,[object Object],Forfeits,[object Object],Internal,[object Object],Operative,[object Object],Improvement,[object Object],Contracts,[object Object],Risk,[object Object],Management,[object Object],Competitive,[object Object],Difference,[object Object],Business ,[object Object],Continuity,[object Object],Guarantee,[object Object],Standards and  ,[object Object],Codes,[object Object],Stockholder,[object Object],trust,[object Object],Corporative,[object Object],Culture,[object Object],Fight,[object Object],Internalfraud,[object Object],Internalpolicies,[object Object],155,[object Object]
How can Privacy Risks be classified?,[object Object],Economic,[object Object],Operational,[object Object],Reputational,[object Object],Competition,[object Object]
Quick tips,[object Object],Doing International Business,[object Object],What to watch out for?,[object Object],Localization,[object Object],Local regulations,[object Object],Due diligence,[object Object],Audit,[object Object],Monitoring,[object Object],Contact with authorities,[object Object],Jurisdiction,[object Object]
Non compliance TOP 5,[object Object],Employee awareness,[object Object],Lack of transparency,[object Object],Third parties,[object Object],Intercompany data flows,[object Object],Collection of unnecessary information,[object Object]
Two types of Privacy,[object Object],Intimacy,[object Object], Privacy Regulation Compliance,[object Object],Identity,[object Object], Information Value Risk Management,[object Object]
3 Main Aspects of Privacy,[object Object], Legal,[object Object], Organizational,[object Object], Technical,[object Object]
Privacy is not only about Compliance!,[object Object],Through Privacy we guarantee individual rights.,[object Object],By doing so, we increase stakeholder trust and increase our competitiveness.,[object Object]
Privacy Risk Management: Stakeholders Trust Management,[object Object],“Trust is the belief that a person or group will be able or willing to act an adequate and predictable manner under certain situations.”,[object Object]
Thank you!,[object Object],Víctor Chapela	      Nathaly Reyvictor@sm4rt.com 	    nrey@ismsforum.es,[object Object]

Contenu connexe

Tendances

Cybersecurity: What does Cyber Insurance Cover?
Cybersecurity: What does Cyber Insurance Cover?Cybersecurity: What does Cyber Insurance Cover?
Cybersecurity: What does Cyber Insurance Cover?Next Dimension Inc.
 
Reduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperReduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperShaun O'keeffe
 
E commerce security system 0605
E commerce security system 0605E commerce security system 0605
E commerce security system 0605SovanChanda
 
Corporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityCorporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityJoan Weber
 
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]Kroll
 
Compliant Cloud Hosting: What You Need to Know | Symmetry™
Compliant Cloud Hosting: What You Need to Know | Symmetry™Compliant Cloud Hosting: What You Need to Know | Symmetry™
Compliant Cloud Hosting: What You Need to Know | Symmetry™Symmetry™
 
June 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be YouJune 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be Youseadeloitte
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9seadeloitte
 
Security Built Upon a Foundation of Trust
Security Built Upon a Foundation of TrustSecurity Built Upon a Foundation of Trust
Security Built Upon a Foundation of Trustlmgangi
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix
 
2017 october supplementary_reading
2017 october supplementary_reading2017 october supplementary_reading
2017 october supplementary_readingseadeloitte
 
Richmond reprint 20151106
Richmond reprint 20151106Richmond reprint 20151106
Richmond reprint 20151106Ted Richmond
 
Mass 201 CMR 17 Data Privacy Law
Mass 201 CMR 17 Data Privacy LawMass 201 CMR 17 Data Privacy Law
Mass 201 CMR 17 Data Privacy Lawguest8b10a3
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...hdicapitalarea
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attackerseadeloitte
 
Cyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryCyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryFerrariT1
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and MitigationsApril Mardock CISSP
 
Payment card industry data security standard 1
Payment card industry data security standard 1Payment card industry data security standard 1
Payment card industry data security standard 1wardell henley
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
Cal cpa meeting infosec challenge - 160511
Cal cpa meeting infosec challenge - 160511Cal cpa meeting infosec challenge - 160511
Cal cpa meeting infosec challenge - 160511Stan Stahl, PhD
 

Tendances (20)

Cybersecurity: What does Cyber Insurance Cover?
Cybersecurity: What does Cyber Insurance Cover?Cybersecurity: What does Cyber Insurance Cover?
Cybersecurity: What does Cyber Insurance Cover?
 
Reduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperReduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - Whitepaper
 
E commerce security system 0605
E commerce security system 0605E commerce security system 0605
E commerce security system 0605
 
Corporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber SecurityCorporate Treasurers Focus on Cyber Security
Corporate Treasurers Focus on Cyber Security
 
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]
Blockchains: Opportunities & Risks for Law Firms [RelativityFest 2018]
 
Compliant Cloud Hosting: What You Need to Know | Symmetry™
Compliant Cloud Hosting: What You Need to Know | Symmetry™Compliant Cloud Hosting: What You Need to Know | Symmetry™
Compliant Cloud Hosting: What You Need to Know | Symmetry™
 
June 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be YouJune 2017 - Your Biggest Risk Could Be You
June 2017 - Your Biggest Risk Could Be You
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
 
Security Built Upon a Foundation of Trust
Security Built Upon a Foundation of TrustSecurity Built Upon a Foundation of Trust
Security Built Upon a Foundation of Trust
 
ThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network PresentationThreatMetrix Fraud Network Presentation
ThreatMetrix Fraud Network Presentation
 
2017 october supplementary_reading
2017 october supplementary_reading2017 october supplementary_reading
2017 october supplementary_reading
 
Richmond reprint 20151106
Richmond reprint 20151106Richmond reprint 20151106
Richmond reprint 20151106
 
Mass 201 CMR 17 Data Privacy Law
Mass 201 CMR 17 Data Privacy LawMass 201 CMR 17 Data Privacy Law
Mass 201 CMR 17 Data Privacy Law
 
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
HDI Capital Area Meeting May 2019 Cybersecurity Planning for the Modern Techn...
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
 
Cyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryCyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care Industry
 
Data Loss Threats and Mitigations
Data Loss Threats and MitigationsData Loss Threats and Mitigations
Data Loss Threats and Mitigations
 
Payment card industry data security standard 1
Payment card industry data security standard 1Payment card industry data security standard 1
Payment card industry data security standard 1
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
 
Cal cpa meeting infosec challenge - 160511
Cal cpa meeting infosec challenge - 160511Cal cpa meeting infosec challenge - 160511
Cal cpa meeting infosec challenge - 160511
 

Similaire à Managing privacy

Cybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalCybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalVivek Ahuja
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen   data leakage prevention presentationShariyaz abdeen   data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
 
Issala exec-forum-opening-150604
Issala exec-forum-opening-150604Issala exec-forum-opening-150604
Issala exec-forum-opening-150604ISSA LA
 
The Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataThe Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataTyler Hannan
 
Defensive information warfare
Defensive information warfareDefensive information warfare
Defensive information warfarestuimrozsm
 
Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...XeniT Solutions nv
 
Information security management v2010
Information security management v2010Information security management v2010
Information security management v2010joevest
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovEric Vanderburg
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
 
Data Security for Nonprofits
Data Security for NonprofitsData Security for Nonprofits
Data Security for NonprofitsNPowerCR
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
Pre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPete Pouridis
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskSarah Clarke
 
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...Don Grauel
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxNakhoudah
 
CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"OCTF Industry Engagement
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerceMohsin Ahmad
 

Similaire à Managing privacy (20)

Cybersecurity pres 05-19-final
Cybersecurity pres 05-19-finalCybersecurity pres 05-19-final
Cybersecurity pres 05-19-final
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen   data leakage prevention presentationShariyaz abdeen   data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentation
 
Issala exec-forum-opening-150604
Issala exec-forum-opening-150604Issala exec-forum-opening-150604
Issala exec-forum-opening-150604
 
The Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card DataThe Easy WAy to Accept & Protect Credit Card Data
The Easy WAy to Accept & Protect Credit Card Data
 
Defensive information warfare
Defensive information warfareDefensive information warfare
Defensive information warfare
 
Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...Data Security in the Insurance Industry: what you need to know about data pro...
Data Security in the Insurance Industry: what you need to know about data pro...
 
Information security management v2010
Information security management v2010Information security management v2010
Information security management v2010
 
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnovProtecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
 
Data Security for Nonprofits
Data Security for NonprofitsData Security for Nonprofits
Data Security for Nonprofits
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
Pre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_ReadyPre-PostBreach_Are_Your_Ready
Pre-PostBreach_Are_Your_Ready
 
BEA Presentation
BEA PresentationBEA Presentation
BEA Presentation
 
Vendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the riskVendor Cybersecurity Governance: Scaling the risk
Vendor Cybersecurity Governance: Scaling the risk
 
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
Discussing Cyber Risk Coverage With Your Commercial Clients by Steve Robinson...
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Matt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptxMatt_Cyber Security Core Deck September 2016.pptx
Matt_Cyber Security Core Deck September 2016.pptx
 
CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"CRI Extract from "Cyber Lessons from the Front lines"
CRI Extract from "Cyber Lessons from the Front lines"
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerce
 

Plus de Juan Carlos Carrillo

La falta de talento en ciberseguridad 2017
La falta de talento en ciberseguridad 2017La falta de talento en ciberseguridad 2017
La falta de talento en ciberseguridad 2017Juan Carlos Carrillo
 
Ciberseguridad después del COVID-19 - Speakers México
Ciberseguridad después del COVID-19 - Speakers MéxicoCiberseguridad después del COVID-19 - Speakers México
Ciberseguridad después del COVID-19 - Speakers MéxicoJuan Carlos Carrillo
 
Webinar: Privacidad y Comercio Electrónico
Webinar: Privacidad y Comercio ElectrónicoWebinar: Privacidad y Comercio Electrónico
Webinar: Privacidad y Comercio ElectrónicoJuan Carlos Carrillo
 
Seguridad, una visión desde el Riesgo, Gobierno y Cumplimiento
Seguridad, una visión desde el Riesgo, Gobierno y CumplimientoSeguridad, una visión desde el Riesgo, Gobierno y Cumplimiento
Seguridad, una visión desde el Riesgo, Gobierno y CumplimientoJuan Carlos Carrillo
 
260215 ley federal de proteccion de datos personales en posesión de particul...
260215 ley federal de proteccion de datos personales en posesión de particul...260215 ley federal de proteccion de datos personales en posesión de particul...
260215 ley federal de proteccion de datos personales en posesión de particul...Juan Carlos Carrillo
 
Privacloudacy or risecurityk for b secure
Privacloudacy or risecurityk for b securePrivacloudacy or risecurityk for b secure
Privacloudacy or risecurityk for b secureJuan Carlos Carrillo
 
La seguridad informática en la toma de decisiones v2
La seguridad informática en la toma de decisiones v2La seguridad informática en la toma de decisiones v2
La seguridad informática en la toma de decisiones v2Juan Carlos Carrillo
 
Regulación Bancaria en México - Capitulo X CNBV
Regulación Bancaria en México - Capitulo X CNBVRegulación Bancaria en México - Capitulo X CNBV
Regulación Bancaria en México - Capitulo X CNBVJuan Carlos Carrillo
 
Más respuestas a la protección de datos
Más respuestas a la protección de datosMás respuestas a la protección de datos
Más respuestas a la protección de datosJuan Carlos Carrillo
 
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...Juan Carlos Carrillo
 
Quien tiene el mono? - Who's Got the Monkey?
Quien tiene el mono? - Who's Got the Monkey?Quien tiene el mono? - Who's Got the Monkey?
Quien tiene el mono? - Who's Got the Monkey?Juan Carlos Carrillo
 
Ley protección de datos personales
Ley protección de datos personalesLey protección de datos personales
Ley protección de datos personalesJuan Carlos Carrillo
 
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP?
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP? ¿Cómo atender las implicaciones del Reglamento de la LFPDPPP?
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP? Juan Carlos Carrillo
 
Datos personales y riesgos digitales
Datos personales y riesgos digitalesDatos personales y riesgos digitales
Datos personales y riesgos digitalesJuan Carlos Carrillo
 
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...Juan Carlos Carrillo
 
Ley federal de proteccion de datos personales
Ley federal de proteccion de datos personalesLey federal de proteccion de datos personales
Ley federal de proteccion de datos personalesJuan Carlos Carrillo
 

Plus de Juan Carlos Carrillo (20)

La falta de talento en ciberseguridad 2017
La falta de talento en ciberseguridad 2017La falta de talento en ciberseguridad 2017
La falta de talento en ciberseguridad 2017
 
Ciberseguridad después del COVID-19 - Speakers México
Ciberseguridad después del COVID-19 - Speakers MéxicoCiberseguridad después del COVID-19 - Speakers México
Ciberseguridad después del COVID-19 - Speakers México
 
Webinar: Privacidad y Comercio Electrónico
Webinar: Privacidad y Comercio ElectrónicoWebinar: Privacidad y Comercio Electrónico
Webinar: Privacidad y Comercio Electrónico
 
Seguridad, una visión desde el Riesgo, Gobierno y Cumplimiento
Seguridad, una visión desde el Riesgo, Gobierno y CumplimientoSeguridad, una visión desde el Riesgo, Gobierno y Cumplimiento
Seguridad, una visión desde el Riesgo, Gobierno y Cumplimiento
 
260215 ley federal de proteccion de datos personales en posesión de particul...
260215 ley federal de proteccion de datos personales en posesión de particul...260215 ley federal de proteccion de datos personales en posesión de particul...
260215 ley federal de proteccion de datos personales en posesión de particul...
 
Privacloudacy or risecurityk for b secure
Privacloudacy or risecurityk for b securePrivacloudacy or risecurityk for b secure
Privacloudacy or risecurityk for b secure
 
La seguridad informática en la toma de decisiones v2
La seguridad informática en la toma de decisiones v2La seguridad informática en la toma de decisiones v2
La seguridad informática en la toma de decisiones v2
 
Proteja los Datos más Sensibles
Proteja los Datos más SensiblesProteja los Datos más Sensibles
Proteja los Datos más Sensibles
 
Regulación Bancaria en México - Capitulo X CNBV
Regulación Bancaria en México - Capitulo X CNBVRegulación Bancaria en México - Capitulo X CNBV
Regulación Bancaria en México - Capitulo X CNBV
 
Privacidad y seguridad
Privacidad y seguridadPrivacidad y seguridad
Privacidad y seguridad
 
The personal hedgehog
The personal hedgehogThe personal hedgehog
The personal hedgehog
 
How managers become leaders v2
How managers become leaders v2How managers become leaders v2
How managers become leaders v2
 
Más respuestas a la protección de datos
Más respuestas a la protección de datosMás respuestas a la protección de datos
Más respuestas a la protección de datos
 
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...
Parámetros para el correcto desarrollo de los esquemas de autorregulación vin...
 
Quien tiene el mono? - Who's Got the Monkey?
Quien tiene el mono? - Who's Got the Monkey?Quien tiene el mono? - Who's Got the Monkey?
Quien tiene el mono? - Who's Got the Monkey?
 
Ley protección de datos personales
Ley protección de datos personalesLey protección de datos personales
Ley protección de datos personales
 
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP?
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP? ¿Cómo atender las implicaciones del Reglamento de la LFPDPPP?
¿Cómo atender las implicaciones del Reglamento de la LFPDPPP?
 
Datos personales y riesgos digitales
Datos personales y riesgos digitalesDatos personales y riesgos digitales
Datos personales y riesgos digitales
 
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...
Resumen del Anteproyecto del Reglamento de la Ley Federal de Protección de Da...
 
Ley federal de proteccion de datos personales
Ley federal de proteccion de datos personalesLey federal de proteccion de datos personales
Ley federal de proteccion de datos personales
 

Dernier

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 

Dernier (20)

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 

Managing privacy

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75.
  • 76.
  • 77.
  • 78.
  • 79.
  • 80.
  • 81.
  • 82.
  • 83.
  • 84.
  • 86.
  • 87.
  • 88.
  • 89.
  • 90.
  • 91.
  • 95.
  • 96.
  • 97.
  • 98.
  • 99.
  • 100.
  • 101.
  • 102.
  • 103.
  • 104.
  • 105.
  • 107.
  • 108.
  • 109.
  • 110.
  • 111.
  • 112.
  • 113.
  • 114.
  • 115.
  • 116.
  • 117.
  • 118.
  • 119.
  • 120.
  • 121.
  • 122.
  • 123.
  • 124.
  • 125.
  • 126.
  • 127.
  • 128.
  • 129.
  • 130.
  • 131.
  • 132.
  • 133.
  • 134.
  • 135.
  • 136.
  • 137.
  • 138.
  • 139.
  • 140.
  • 141.
  • 142.
  • 143.
  • 144.
  • 145.
  • 146.
  • 147.
  • 148.
  • 149.
  • 150.
  • 151.
  • 152.
  • 153.
  • 154.
  • 155.
  • 156.
  • 157.
  • 158.
  • 159.
  • 160.
  • 161.
  • 162.
  • 163.

Notes de l'éditeur

  1. Determinism is a system in which no randomness is involved since causes are directly linked to consequences and, therefore, results are predictable..
  2. To calculate the probability of an attack we use Graph Theory. It shows us the best route (least obstacles) by which an attacker may obtain the criminal objective be it by way of one or various nodes.
  3. Graphic analysis of risks using probability versus impact.