Your organization cannot escape from cyber security. You process data and you are obliged by the General Data Protection Regulation (GDPR) to protect the data by taking appropriate organizational and technical measures. When it comes to 'organizational' measures you can think along the lines of an authorization policy (who can access what), and with 'technical' measures you can think along the lines of the actual implementation of the authorization policy. In this training I will provide you and / or your employees with information about how Phishing works, what Social Engineering is, what Malware is and many more practical tips. Participants will be asked to think on the spot about improvements for their organization / department and will take home a handy checklist that they can use in the organization to see where improvements are possible.
You are required by the General Data Protection Regulation (GDPR) to apply a Data Protection Impact Assessment (DPIA) to processing activities with a high risk. In this training you will learn how to set classification levels, classify your risks and when you should perofrm a DPIA. I will show you how to do this via my template and in accordance with the requirements of the GDPR.
The General Data Protection Regulation entered into force on May 25, 2018. As soon as you process personal data of residents and citizens you are obliged to adhere to the GDPR. In this practical training you will learn the basic principles of the GDPR. Afterwards you know which criteria the Dutch Data Protection Authority uses to determine the amount of any fine and, of course, you will learn how to prevent gettig a fine.
Not just machines, but also people work in your organization. People are the biggest cause of data breaches and cyber security incidents. It is important that you control the risks of human factors in your organization. In this training we will use the CPRM Human Factor Security Risk Management model to see how we can limit various risks within the organization that are caused by human actions.
The General Data Protection Regulation (GDPR) requires a risk-based approach. This means that what applies to one company does not have to be the same for the other. It is not a one-size-fits-all. Your organization has its own unique risks, both company-wide and privacy related. In this training we will elaborate on what risk management is, what privacy risks are and various methods and registers to create an overview to monitor and control your privacy risks.
You are required by the General Data Protection Regulation (GDPR) to keep a register of processing activities. In this register you keep track of, among other things, which personal data you process, how long you store it (retention), where it is stored and whether you share it with third parties. In this training you will learn what must be included in a register of processing activities, how you can best set it up and maintain it. You will also see a number of examples of different tools that you can use to create and maintain a register of processing activities.