Privacy Impact Assessment for Cyber Resilience

Tuesday, 23 & 30 April 2024 – 10:00 AM – 2:30 PM EST | Online

Training Overview

Predict Risks, Safeguard Against Incidents

In the face of escalating privacy breaches and an evolving legal landscape, conducting Privacy Impact Assessments (PIAS) has become critical for organizations in North America. With over 1,000 reported incidents in the U.S. in recent years, each breach carries substantial financial risks, averaging $8.64 million per data breach in 2021 (IBM Cost of a Data Breach Report).

The E-Government Act of 2002, Section 208, mandates agencies to conduct PIAs for electronic information systems and collections, providing a practical method to evaluate privacy issues. This two-day training aims to empower participants with the knowledge and skills to conduct thorough PIAS, integrating privacy considerations into cybersecurity strategies.

Who Should Attend

This course is designed for leaders in charge of transforming local government including:

Privacy Officer, Data Protection Officer (DPO) and Cybersecurity Analyst

IT Security Manager, Risk and Compliance Manager and Privacy Compliance Officer

Policy Analyst, Information Systems Manager and Cybersecurity Specialist

Learning Outcomes

Develop proficiency in PIA methodologies to effectively assess privacy risks.

Implement privacy-enhancing measures to safeguard sensitive information.

Ensure compliance with privacy regulations and standards to minimize legal risks.

Master the identification and evaluation of privacy risks to mitigate potential threats.

Meet Your Trainer


PETER CLISSOLD
Cyber Security Consultant

Peter Clissold, a cybersecurity leader with over 25 years of experience across diverse sectors, specializes in constructing comprehensive cybersecurity programs for large organizations.

His proven track record includes expertise in incident planning, vulnerability management, user education, cybersecurity operations oversight, artificial intelligence integration, and ensuring privacy regulation compliance.

Peter’s holistic approach to risk management addresses evolving challenges, establishing him as a respected authority contributing significantly to the resilience and security of organizations.

Key Sessions

Day 1: Module 1Day 1: Module 2Day 1: Module 3Day 2: Module 4Day 2: Module 5Day 2: Module 6

An Introduction to PIA

  • Introduction to the Cyber Security Protection Framework, Privacy Impact Assessment (PIA) and Cyber Resilience
    • Explain the importance of privacy and cybersecurity in modern organisations
    • Describe Privacy Impact Assessments (PIAs) and their role in enhancing cyber resilience
    • Explain the relationship between privacy regulations, data protection, and cybersecurity
  • Key Concepts and Principles of Privacy Impact Assessment
    • Defining personal data and sensitive information
    • Listing the principles of privacy and data protection (e.g., GDPR, CCPA, etc.)
    • Describing cyber resilience and its components

Frameworks and Process

  • Legal and Regulatory Frameworks for Privacy and Cyber Resilience
    • Identifying the major privacy and data protection regulations worldwide
    • Describing how regulations impact cybersecurity and resilience strategies
    • Aligning PIA practices with relevant legal requirements
  • Privacy Impact Assessment Process
    • Step-by-step example of how to conduct a PIA for cyber resilience
    • Identifying and involving key stakeholders throughout the process
    • Documenting and reporting best practices for PIAs

Privacy Risks and Cyber Resilience

  • Identifying Privacy Risks in Cyber Resilience Strategies
    • Analysing potential privacy risks in cybersecurity measures 
    • Understanding the impact of privacy breaches on cyber resilience 
    • Evaluating the trade-offs between privacy and security measures 
  • Mitigating Privacy Risks
    • Privacy by design: Integrating privacy considerations into cybersecurity plans
    • Implementing privacy-enhancing technologies and practices
    • Building privacy-aware incident response plans

PIA Tools, Techniques and Awareness

  • Privacy Impact Assessment Tools and Techniques
    • Examples of utilising tools and methodologies for conducting PIAs
    • Assessing data flows and information handling processes
    • Privacy risk assessments and impact analysis
  • Privacy Training and Awareness for Cyber Resilience
    • Educating employees about privacy best practices in cybersecurity 
    • Creating a culture of privacy and security awareness in the organization 
    • Addressing the human factor in cyber resilience planning 

Practical Application

  • Case Studies and Practical Exercises
    • Analysing real-world PIA case studies from various industries 
    • Hands-on exercises for conducting a privacy impact assessment 
    • Group discussions and problem-solving scenarios
  • Monitoring and Reviewing Privacy Impact Assessments
    • Continuously monitoring and updating PIAs in response to changing threats and regulations 
    • Conducting periodic reviews of privacy policies and cybersecurity measures 
    • Reporting and documenting privacy compliance for audit purposes 

PIA and Cyber Incident Response

  • Integrating Privacy Impact Assessment with Cyber Incident Response
    • Aligning PIAs with incident response plans and business continuity strategies 
    • Leveraging PIAs for post-incident analysis and improvement 
    • Ensuring privacy considerations in crisis management and communications
  • Wrap-up and Action Planning
    • Recap of key workshop takeaways and insights
    • Creating an action plan for implementing PIAs in cyber resilience strategies
    • Open discussion and Q&A session

Registration

Early Bird 1

$595

per person + GST

until 16 February 2024

Early Bird 2

$795

per person + GST

until 22 March 2024

Final Price

$995

per person + GST

Customised in-house options available for teams

Interested in any of our online trainings?

You can also choose to have them delivered in house. We will work closely with our inspiring session facilitators to tailor the content around the key development areas your team are prioritising, shape the learning outcomes around your core departmental challenges and make the most of your L&D and upskilling budget.

Interested In Learning More?

The Cyber Security & Risk Management Community provides a hub for public sector professionals from around the globe to learn, network, collaborate, benchmark, and share best practices with their peers. Become a member today for free and gain access to:

  • Live chats and digital forums
  • Global content library
  • Priority event registration
  • Networking opportunities with peers
  • Complimentary access to exclusive events and insights