The main goal of the DEFeND project is to deliver an innovative data privacy governance platform, which facilitates scoping and processing of data and data breach management and supports organisations towards GDPR compliance. The DEFeND platform enables building and analysing models following a Privacy-by-Design approach spanning over two levels, the Planning Level and the Operational Level, and across three management areas: Data Scope, Data Process and Data Breach. The consortium leveraged existing software, tools and methodologies towards the implementation of the platform software components. The DEFeND platform has been tested in an operational environment (TRL 7), involving partners from four different areas: healthcare, banks, energy and local public administration.
10.00 - 10:30
Introduction by Beatriz Gallego-Nicasio Crespo (Atos): the DEFeND Project
10:30 - 11:00
DEFeND Software Platform Live Demonstration by Annarita Iodice (Maticmind), Andrea Pratiano (Maticmind) and Luìs Miguel Campos (PDM)
11:00 - 11:20
DEFeND Benefits by Marco Rotoloni (ABI Lab), Jean-Baptiste Bernard (GridPocket)
11:20 - 11:30
11:30 - 11:50
DEFeND Benefits by Andrès Castillo (Niño Jesus Hospital) and Georgi Simeonov (Municipality of Peshtera)
11:50 - 12:50
Panel on “Achieving GDPR compliance: Past, Present, Future”
- Aggeliki Tsohou (Ionian University – Moderator)
- Agnieszka Wawrzyk (DG CNECT)
- Haris Mouratidis (University of Brighton – DEFeND)
- Nele Lowet (Sopra Steria – DPO)
- Prokopios Drogkaris (ENISA)
- Vasilis Zorkadis (Hellenic DPA)
12:50 - 13:00
Wrap-up by Beatriz Gallego-Nicasio Crespo (Atos)
END OF THE PROGRAMME
Aggeliki Tsohou is an assistant Professor at the Department of Informatics, Ionian University, Greece. She holds a Ph.D. in Information Systems Security Management by the Department of Information and Communication Systems Engineering, University of the Aegean, Greece (2010). She holds a Diploma in Informatics and a M.Sc. in Information Systems, both attained by the Department of Informatics, Athens University of Economics and Business, Greece (2004).
Agnieszka WAWRZYK is a Policy Officer in the Unit ‘Cybersecurity and Digital Privacy’ within the European Commission in Brussels (Directorate-General Communication Networks, Content and Technology) working mainly on the ePrivacy related issues.
Before joining the European Commission, she was Justice and Home Affairs Counsellor in the Polish Permanent Representation to the EU, responsible for data protection, police cooperation and relations with third countries in the area of justice and home affairs (2012-2014) and later advisor to a Member of the European Parliament, responsible for data protection, cybersecurity and home affairs (2014-2017).
She worked for the Ministry of Interior of Poland, as a chief expert in the EU Unit (2009-2011) and later as a Head of the EU Unit (2011-2012). She holds a Ph.D. in political science from the University of Wroclaw (Poland).
Andrea Praitano has a degree in Engineering, a Master in Business Administration and twenty years of work in the ICT sector. His experience is multidisciplinary and include project management, information security management, IT service management, IT and security governance, compliance/audit and privacy. Mr. Praitano has 15 years of experience as security and privacy consultant and project manager. He is a member of the board of ISACA Rome chapter. He speaks Italian and English and he hold technical and methodological qualification such as CISA, Lead Auditor ISO/IEC 27001, ISO 22301 and ISO/IEC 20000-1, ISO/IEC 27002 Advanced, PRINCE2 Practitioner, ITIL Expert, CRISC, COBIT 5, ISO/IEC 20000 Auditor and Manager, M_o_R – Management of Risk, MSP – Programme Management, Green IT, Technical Professional Risk and Compliance, Managed Service Provider Technical Support: Risk and Compliance, ePolicy Orchestrator 4.5 Essentials (Technical), SSE+ Symantec Mobile Management 7.2, SSE+ Symantec Mobile Management Suite (Altiris) and App Center. He is managing the privacy and cybersecurity advisory team of Maticmind and he had the role of Project Security Officer of DEFeND Project. He had different speeches and seminars on cybersecurity and privacy.
Foundation for Biomedical Research Hospital Infantil Universitario Niño Jesus
Andrés Castillo is the Head of Technological Innovation in Pediatric Hospital Niño Jesús in Madrid, who has a Doctorate degree in Software Engineering and degrees in Sociology and Physics. He is also a teacher of Computer Science and Cybersecurity.
Annarita Iodice is currently a Business Analyst at Maticmind. She has a Master’s degree in Mathematics. The main skills, developed over the course of 24 years of work experience, cover the following areas: Business Analysis, Data Warehouse, Data Analysis and Software Development. She also got project management experience. Before joining Maticmind, she worked for HP and EDS in different industries sectors like Banking, Insurance, Telecommunication, Public Administration, University and Research. She is currently working for the DEFeND project, funded by EU H2020, as a task leader. So, during last two years, she gained a good knowledge about privacy and security field.
Beatriz Gallego-Nicasio Crespo
Atos - Research & Innovation Cybersecurity Lab
Beatriz holds a MSc. Computers Engineering degree and have 15 years of experience analysing, designing, developing and testing Information Systems. Since 2007, Beatriz works as a senior researcher in the Research & Innnovation group of Atos, with a focus in IT Security and Trust.
Camillo Del Prete
Project Manager in Maticmind. He got a Master’s degree in Economics. He is a Project Management Professional (PMP) since 2004. He was responsible for the coordinated management of multiple IT projects to support Royal Bank of Scotland and General Motors. So, he got a broad experience in different industries. He worked for HP (and then for Maticmind) as a solution manager to support application sales
Mr. Simeonov has a Master degree on International relations and Accounting, graduating both of these in Plovdiv University, Bulgaria.
Mr. Simeonov is actively involved in different municipal projects of various fields for Peshtera Municipality, and works for the municipality as a project manager in last four years. He has experience in communication, dissemination, and networking at local and national level working with local and regional stakeholders, schools, NGOs, SMEs, and local civil society. He participates actively in organizing thematic events such as workshops, seminars, conferences, and trainings. He is part of the project team of several European projects funded by the National operational programmes, and the EU.
University of Brighton
Haris Mouratidis is Professor of Software Systems Engineering and founding Director of the Centre for Secure, Intelligent and Usable Systems (CSIUS) at the University of Brighton. He is Fellow of the Higher Education Academy, and a visiting professor at the University of Stockholm (Sweden) and the University of Ionian (Greece). His research interests lie in the intersection of security, privacy, and software engineering. He has pioneered work in developing methodologies, modelling languages, ontologies, tools and platforms to support the analysis, design, and monitoring of security, privacy, risk and trust for large-scale complex software systems. He has applied his theoretical work to practical applications in domains such as critical infrastructures, cloud computing, health-care, telecommunications, banking, and public-administration. He has published more than 200 papers (h-index 34) and he has led and/or participated in more than 30 projects, currently DEFeND, CYRENE, AI4HEALTHSEC and CyberSANE (all funded by Horizon2020). He is member of working groups at ERCIM, IFIP, BCS, BSI, an Expert Fellow of the UK EPSRC Digital Economy NetworkPlus SPRITE+ (Security, Privacy, Identity and Trust in Digital Economy) and Vice-Chair of the International Federation of Information Processing (IFIP) WG11.4 on Secure Engineering.
Dr Jean-Baptiste Bernard is a product manager at GridPocket, a start-up company specialized in energy management for consumers and prosumers. He specializes in the use of energy data to enhance customer satisfaction and fidelity.
Luís Miguel Campos
Luís Miguel Campos received his B. Tech from IST (Instituto Superior Técnico – Lisbon) in 1992, his M.S. in Information & Computer Science from the University of California, Irvine in 1995, and his PhD in Information & Computer Science in 1999. Currently leads the research and development team at PDM&FC, and he is involved in 12 European funded research projects (Horizon2020) and 5 national research projects (Portugal2020), and from time to time, serves as an expert evaluator for the European Commission, leads the Business Angel Fund SMENT Digital and serves on the board of Directors of over 10 companies. Previously, he worked as a faculty member at the University of California Irvine, intern at NASA, as a researcher at INESC and as a teaching Assistant at Instituto Superior Técnico. Published dozens of papers in international conferences in areas as diverse as Parallel Computing, Agent-Based Computing, Resource Management in Distributed Systems, Simulation Theory, Cluster Computing and Grid Computing, Computer Vision, Information Systems, e-Government, etc
He is the co-writer of several approved patents in the US.
He has founded and led several companies, some of which have been sold to much large companies (ex: ZPX Interactive Software), some have received the prestigious award Deloitte Technology Fast 500 (ex: Go4Mobility), some have been selected by the Portuguese state as one of the most innovative companies in the country (ex: PDMFC).
With 25 years of experience managing companies from the startup stage to medium size, he is now focused on creating a self sustainable virtuous cycle ecosystem of Business Angels Funds, Venture Capital Funds, active investors, researchers and entrepreneurs, which will cover all stages of creation and growth until IPO.
He is the current managing director of Koala Tech and responsible for worldwide investment funding.
Marco is the coordinator of Observatory on IT Architectures in Banks and of Observatory on Information Governance in Banks.
He is also involved in Observatories on Back Office in Banks and on Banking Contact Center.
Strictly in connection with the Italian Banking Association Marco is following the initiatives about GDPR implementation in Italian banks.
Nele Lowet is working as a Security & Compliance consultant in the Cybersecurity team of Sopra Steria Benelux. She has a legal background in IP/ICT law and is a certified DPO. Her knowledge extends from ICT laws to the latest privacy challenges and international security standards. Clients she has worked for range from national to EU level.
Dr. Prokopios Drogkaris is a Cybersecurity Expert at European Union Agency for Cybersecurity (ENISA). He is working in the areas of Privacy and Data Protection, Cybersecurity Certification and Trust Services. Previously, he was involved in several EU funded research projects in the greater area of Information Security within the Hellenic Ministry of Citizen Protection and he held teaching assistant positions in higher education institutions. He is an author of several scientific publications and has served as a member on program and organizing committees at International and European scientific conferences.
Vasilis Zorkadis has been working as the Secretariat’s Director of the Hellenic Data Protection Authority since 2004, while from 1999 to 2003 he was head of Auditor’s Department. He received his Diploma in Electrical Engineering from Aristotle University of Thessaloniki, Greece, carried out postgraduate studies in Informatics and holds a PhD on Security of Computer Networks from University of Karlsruhe, Germany. He is founding member and current president of the “Hellenic Scientific Council for the Information Society”. He is author or co-author of books or notes on ‘Cryptography’, ‘Information Theory’ and ‘Information Security’ and of over 60 journal and conference papers on security and privacy protection. He taught for almost twenty years in Greek universities courses on information Theory, Information Security, Cryptography, Computer Networks, Digital Communications, Simulation, and Software Engineering.
Q1 - Theme 8. How addressed the case then Data transferred inside of EEA, but from more relaxed country to more regulated (e.g. from Italy to Germany or Italy to Finland)?
A1 – The DEFeND Platform support the tracking and decision on the transfer outside the EEA through the Theme #1 when modelling the departments and the third parties the platform save info on where is located the department/third party. In the Record of Processing activities the platform track who is involved in the processing and if the processing include transfer outside EEA. The Record of processing Activities functionality track also who transfer data outside the EEA.
Q2 - Why Subject ID are different?
A2 – Because we had two different Data Subjects, login in to the Organization external website, and each one of them created a individual Request (to exercise a specific Right)
Q3 - Will the platform be offered for free?
A3 – The platform will be distributed at a minimum price (o eventually for free) but always associated to a “as a service” model (the platform will be part of the overall customization ,deployment and support services commercial offer)
Q4 - Will the platform be publicly accessible by the general public?
A4 – The platform will not be accessible by the general public. It is meant to be used by Organizations
Q5 – When would we be able to download the platform? Any estimated date?
A5 – The platform won’t be available for download. As mentioned in A3, it is always associated to a “as a service” model.
* Times are based on Central European Time