On 12 July, 2016, the European Commission adopted the EU-U.S. Privacy Shield. Meant as a replacement to EU-US Safe Harbor, the new framework helps protect EU citizens whose data is transferred to the United States. It lives up to that mission by requiring U.S. companies to cooperate with European Data Protection Authorities and abide by written commitments and assurance in storing European’s personal data.
The EU-U.S. Privacy Shield specifies certain data protection practices between the United States and the European Union only. But in influencing the ways in which U.S. companies handle data, it has a global impact.
How does the EU-US Privacy Shield affect your business?
You can find out by registering for Borderless Cyber Europe.
This September in Brussels, Belgium, Borderless Cyber Conference will be co-hosted by the European Commission and the nonprofit OASIS standards consortium. The event is specifically designed to to provide expert insight for CISOs and IT security practitioners on new obligations and challenges for cybersecurity policy development and operational practices.
That includes the EU-US Privacy Shield. Delegates to Borderless Cyber Europe will hear from keynote speaker Andrus Ansip, vice president for the European Commission’s Digital Single Market initiative. Ansip served an instrumental role in negotiating the EU-U.S. Privacy Shield. He feels the framework is essential for the United States and the European Union to further their cooperation in the digital age:
“Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions.”
Attendees will also enjoy a panel discussion on how the EU General Data Protection Regulation (GDPR) influences cybersecurity programs, as well as a talk offered by Richard Struse, the Department of Homeland Security (DHS) chair of the STIX/TAXII standards initiative, on how standards currently in development will help organizations automate their threat intelligence to mitigate risks.
Threat intelligence is an essential part to data protection in today’s world, especially given the challenges of attribution in the digital space. Roland Cloutier of ADP Worldwide Services understands those obstacles all too well:
“Anonymity of the internet and the varying global cyber laws make it difficult to assign attribution and allow for ‘root cause removal’ of online threats. As cybercrime is anonymous and ubiquitous, it’s difficult to stop criminal acts because it’s not easy to pinpoint the criminals themselves.”
To address those and other challenges, organizations need to embrace threat information sharing to collectively bolster their safety and security, a point with which Alexandre Dulaunoy couldn’t agree more:
“Information sharing is a mindset. In the past year, lots of organizations have expressed their interest in sharing intelligence, but they haven’t followed through because of a mindset that says they should limit what and how much they share. That’s not the right way organizations should approach information sharing. Instead they should have an approach that by default encourages exchanging intelligence openly. Adopting an open mindset is much more beneficial than closing yourself off, and in many cases, it can be better to share more broadly and on a large-scale.”
Interested in reaping the benefits of threat information sharing?
Click here to register for Borderless Cyber Europe.