GDPR preparations: myth vs reality

Transcript

1. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 GDPR preparations myth vs reality

2. About @me: - Do mobile applications for $$$ - empower

   teams - CARE ABOUT: - Users - quality - security - performance South Africa, in the wild,
 slightly north of Antarctica

3. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 What’s GDPR? - GENERAL DATA PROTECTION REGULATION - APPLICABLE STARTING FROM 25 may 2018 - FINES Up TO €20’000’000 or 4% of yearly turnover - …

4. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018

5. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 #1

6. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018

7. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 IN REALITY STUDY SHOWS THAT IN 2014 IN EUROPE THERE WAS 23.3 MILLION MICRO, SMALL AND MEDIUM-SIZE ENTERPRISES. EVEN WITH NO GROWTH IN 2018 THERE’S NO GOVERNMENT RESOURCE TO VERIFY COMPLIANCE FOR ALL OF THEM

8. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 #2

9. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

   PMDay 2018 25 MAY 2018 IS 
 D-DAY FOR GDPR
 COMPLIANCE

10. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY THIS ARTICLE ANSWERS “IN A WORD, YES”

11. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN 4 PARAGRAPHS IT SELLS GDPR- COMPLIANCE CONSULTING

12. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REAL-REAL-REAL REALITY IN APRIL 2018 ONLY 4 MEMBER STATES OUT oF 28 APPLIED LOCAL LEGISLATION CHANGES (LINK) NO APPOINTED CONTROL AUTHORITY YET IN ANY MEMBER STATE

13. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 #3

14. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018

15. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY UP TO €10’000’000 (OR 2% of YEARLY TURNOVER) FOR INFRINGEMENTS OF ARTICLES 8, 11, 25-39, 42, 43 UP TO €20’000’000 (OR 2% of YEARLY TURNOVER) FOR INFRINGEMENTS OF ARTICLES 5, 6, 7, 9, 12-22, 44-49, 58 EXACT AMOUNT DEPEND ON NATURE OF DATA, SIZE OF BREACh, INTENTION OF CONTROLLER….

16. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY ENDING WITH: “(83.2.k) any other aggravating or mitigating factor applicable to the circumstances of the case, such as financial benefits gained, or losses avoided, directly or indirectly, from the infringement.“

17. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 REAL WORLD SUITS UK DATA PROTECTION BILL IN 2017 ASSIGNED ONLY ONE FINE OF £80’000

18. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 #4

19. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 UKRAINIAN OUTSOURCING COMPANIES ARE OUT OF SCOPE OF GDPR

20. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY 100% of OUR CUSTOMERS AND POTENTIAL CUSTOMERS IN EUROPE TOUCH DATA PROTECTION TOPICS EARLY DURING PRE-SALE 
 EU COMPANIES ARE OBLIGATED TO ENSURE GDPR COMPLIANCE FOR SUPPLIERS AND OTHER DATA PROCESSORS

21. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 #5

22. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 GDPR EXPOSES COMPLEX LANGUAGE AND IS WRITTEN BY LAWYERS FOR LAWYERS

23. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY START FROM HERE and spend 1 hour TO sTUDY KEY ISSUES 
 CONTINUE READING THROUGH ARTICLES AND FIND THAT YOU’RE AWARE OF THE CONTENT in 4 HOURS 
 GOOGLE OPEN QUESTIONS FOR THE REST OF THE DAY
 
 CHAT WITH AWARE FRIENDS DURING LUNCH

24. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 IN REALITY CONGRATULATIONS, YOU’RE NOW GDPR EXPERT CONSULTANT

25. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018

26. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 HYPE AROUND GDPR - SECURITY GUYS SELL SECURITY - LAWYER GUYS SELL LEGAL SUPPORT - FISHING GUYS DO HAVE EXTRA REASON TO FISH YOU - EVERYBODY is happy…

27. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 DO DO NOT FOLLOW HYPE - Think different - THINK CRITICAL

28. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 What GDPR really is - NOT A CHECKLIST, RATHER A DIRECTION ( UNLIKE PCI DSS, ISO 27001 ) - SECURITY BY DESIGN - EXTENDED USER RIGHTS

29. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 What GDPR really is

30. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 NOT A CHECKLIST - STILL THERE ARE PARTICULAR REQUIREMENTS: - DATA ANONYMIZATION - INCIDENT REPORTING WITHIN 72h - ROLE OF DATA PROTECTION OFFICER - DATA SUBJeCt RIGHTS: ACCESS, ERASURE, RESTRICTION - …
 - Don’t BUY GDPR CHECKLISTS AND CONSULTANTS

31. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 SECURITY BY DESIGN - NICE REASON TO THINK ABOUT BUSINESS / PRODUCT IT SECURITY - NICE TO ASSESS YOUR SECURITY MEASURES

32. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 - PWC And INFOSEC EUROPE SURVEY OF 2015 - PONEMON INSTITUTE REPORTS AVERAGE COST OF DATA BREACH IN US in 2017 AS $3.5M

33. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 SAFE ZONE - IF YOu’re below 50’000 users, no rush - If you don’t WORK WITH SENSITIVE PERSONAL DATA, NO RUSH - GET YOURSELF A POPCORN AND WATCH

34. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 I COULD ALSO TELL ABOUT - CONTROLLERS AND PROCESSORS - BACKUPS AND DATA RETENTION POLICIES - ANALYTICS AND ANONYMIZATION - MONITORING AND INCIDENT REPORTING - RIGHTS OF USERS - … BUT YOU CAN READ IT WITHIN AN HOUR

35. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 LINKS - https://gdpr-info.eu/ [HUMAN READABLE] - http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX: 32016R0679 [OFFICIAL PDF] - https://www.pwc.co.uk/assets/pdf/2015-isbs-technical-report- blue-03.pdf [SECURITY COST RESEARCH] - https://www.csoonline.com/article/3249088/data-breach/the- cost-of-2017-data-breaches.html [SECURITY COST RESEARCH] - https://www.eugdpr.org/controversial-topics.html [LINK]

36. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018

37. Petro Korienev, Mobile Team Lead @ Sigma Software // Kyiv

    PMDay 2018 THANKS!