Events Calendar

NIS, PSD2 & GDPR in Practice, LSEC & the Cyber Security Coalition - Brussels
Thursday 26 April 2018, 08:00am - 05:30pm

LSEC Coalition Event


Regulatory Frameworks NIS, PSD2 and GDPR in Practice

The Directive on Security of Network and Information Systems (NIS Directive) aims to achieve a high common level of network and information systems security across the European Union. NIS will improve cyber security capabilities at the national level; increase cooperation on cyber security among EU member states; and introduce security measures and incident reporting obligations for operators of essential services (OESs) in critical national infrastructure and for digital service providers (DSPs).

In addition, financial institutions [being one of these OESs] are subject to the revised Payment Services Directive (PSD2), effective from 13 January 2018. PSD2 aims in particular at ensuring that all payment services offered electronically are carried out in a secure manner, adopting technologies able to guarantee the safe authentication of the user and to reduce the risk of fraud.

The event will include a special afternoon programme of practical experiences and strategic updates on GDPR to support the last mile to May 25th. You are invited to join LSEC & the Cyber Security Coalition and dive deeper into these Directives, which have a huge impact on Member State Governments, Critical Infrastructure Operators and suppliers of Cyber Security Products & Services. Registration is now open exclusively to Community Members from LSEC and the Cyber Security Coalition.

Agenda:

  • 08.00 Registration & Welcome Coffee
  • 09.00 Cyber Security Coalition AGM (for Cyber Security Coalition Members only)
  • 09.30 Welcome Notes by CSC & LSEC: Jan De Blauwe, Chairman of the Cyber Security Coalition & Ulrich Seldeslachts, executive director of LSEC.eu
  • 09.40 Keynote: Experiences in Privacy Security guidance of large organisations on GDPR, PSD2 and Open Banking, by Nick CALEY, Vice President Privacy & Security at ForgeRock
  • 10.20 NIS Directive in practice: expectations & requirements, by Valéry Vander Geeten, Centre of Cybersecurity Belgium [CCB]; and ENISA [Speaker to be announced]
  • 11.00 Coffee Break
  • 11.20 Experiences from the trenches on breaches and cybersecurity crimes, by Pepijn Janssen, Founder & CTO at RedSocks
  • 12.00 Panel Discussion: State of Play of NIS in Belgium and impact on Belgian companies, with representatives from Critical Infrastructure Operators, Industry Experts and the Centre of Cybersecurity Belgium [CCB]
  • 12.30 Lunch Break
  • 13.30 Keynote NIS Experiences from France - Work from ANSSI : Requirements Framework for Security Incident Detection Service Providers & Operational Cooperation between Member States
  • 14.10 Experiences from the field in getting Operators of Essential Services (OES) compliant and secured. Pierre Buijsman, Senior Technical Director at FireEye
  • 14.50 eIDAS Certificates by QSTP to power PSD2 trust ecosystem, by Kannan Rasappan – Open Banking / PSD2 Architect & Founder of PSD2 Enabler
  • 15.30 Coffee Break
  • 15.50 Data Protection Impact Assessments in practice, by István Mate Böröcz - researcher at VUB-LSTS and d.pia.lab
  • 16.30 CSC Member Story : Controller Processor relation in B2B – Jan Leonard, Data Protection Officer at Orange Belgium
  • 17.10 Closing Keynote by Willem Debeuckelaere, President of the Belgian Privacy Commission
  • 17.30 Wrap up and Key Learnings of the Day - Closing Reception


Practical Details & Registration

Regulatory Frameworks NIS, PSD2 and GDPR in Practice
VBO- Federation of Enterprises in Belgium
Rue Ravenstein 4
1000 Brussels
Belgium

Participation is restricted to Members from LSEC & the Cyber Security Coalition
Registration via the event registration page using your password.



Addendum: The Impact of the NIS & PSD2 Directives

On Member State governments:
Member States themselves are required to be appropriately equipped, e.g. via a Computer Security Incident Response Team (CSIRT) and a competent national NIS authority. They must take part in cross-border activities and join a cooperation group to ensure cooperation among all the Member States and to support and facilitate strategic cooperation and the exchange of information. They will also need to set up a CSIRT Network in order to promote swift and effective operational cooperation on specific cybersecurity incidents and the sharing of information about risks. In addition, each Member State must identify the businesses in sectors that are vital for our economy and society and that rely heavily on ICT, and ensure that they take appropriate security measures and notify serious incidents to the relevant national authority. Member States are required to set their own national rules on financial penalties and must take the measures necessary to ensure that they are implemented. [It is likely that Member States will implement tough penalties similar to those of the GDPR].

On operators of essential services and digital service providers
The NIS Directive will introduce security measures and incident reporting obligations for these entities, including financial penalties if these obligations are not met. They must take appropriate technical and organizational measures to secure their network and information systems; take into account the latest developments and consider the potential risks facing the systems; take appropriate measures to prevent and minimize the impact of security incidents to ensure service continuity; and notify the relevant supervisory authority, without undue delay, of any security incident having a significant impact on service continuity.

Banks face an additional challenge with the revised Payment Services Directive [PSD2]
In addition, financial institutions [being one of these operators of essential services] are subject to the revised Payment Services Directive, effective from 13 January 2018. PSD2 aims in particular at ensuring that all payment services offered electronically are carried out in a secure manner, adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.

Special Thanks to VBO for hosting this Event!
