EXPLORING OVERLAPS BETWEEN PERSONAL DATA AND CYBERSECURITY BREACH NOTIFICATION

Pilar Arzuaga, AI, Data Protection and Cybersecurity Lawyer, McDermott Will & Emery
Prokopios Drogkaris, Deputy Data Protection Officer, EU Agency for Cybersecurity (ENISA)
Jessica Friedman, Senior Counsel Cybersecurity, TikTok
Ian Hulme, Director of Regulatory Assurance, UK Information Commissioner's Office

WELCOME AND INTRODUCTIONS

AGENDA OUTLINE
I. Identifying overlaps
II. Managing overlaps
III. Risk exposure & Mitigation
IV. Q&A

IDENTIFYING OVERLAPS

Overview
UK FCA Handbook under the FSMA
ePrivacy Directive
UK NIS Regulation
NIS 2 Directive
UK PECR
EU/UK GDPR
AI Act
eIDAS 2
CRA
DORA

Operational challenges
Diverging national approaches
Different sanctions and enforcement risk
Diverging thresholds, deadlines
Different regulators, submissions

EU cross-cutting requirements
Columns: Security Measures, Reporting obligation, Crisis Management, Voluntary Reporting
Rows: EU GDPR, ePrivacy Directive, NIS 2 Directive, DORA, UK GDPR, UK PECR, UK NIS Regulation

UK cross-cutting requirements
Columns: Security Measures, Reporting obligation, Crisis Management, Voluntary Reporting
Rows: EU GDPR, ePrivacy Directive, NIS 2 Directive, DORA, UK GDPR, UK PECR, UK NIS Regulation

Personal data breaches versus incidents
[Diagram labels: PERSONAL DATA BREACHES, INCIDENTS]

MANAGING OVERLAPS

How to face a cybersecurity incident?
1. Freeze and secure the situation
2. Alert and document
3. Remedy and resume activity

Managing overlaps: deadlines
[Timeline labels: 72 hours, 24 hours, 1 month]
Early warning under NIS 2 Directive
Personal data breach notification under EU/UK GDPR
Incident notification under NIS 2 Directive
Final report under NIS 2 Directive
Incident notification under UK NIS Regulation
Initial report under DORA
Intermediate report under DORA
Final report under DORA

Different reporting formalities
Source: https://www.edpb.europa.eu/notify-data-breach_en

Determini