#CFThursday session on Data Privacy and ISO 27701:2019 with Anil Lole
2021-03-16 10:45:20
One of the most talked-about programs, CyberFrat Thursday allows us to present weekly opportunities to our members to learn from guest speakers over engaging webinars. The topics of discussion range from emerging technologies, cybersecurity trends, and risk management to several developmental elements such as grooming, motivation, resume writing, interview tips, and general soft skills. This Thursday we will have a session on “Data Privacy and ISO 27701:2019” with Anil Lole – Sr. Manager – Information Security & DPO.
What will be covered?
- Data Privacy and worldwide legislations
- ISO 27701:2019 a brief overview
- Correlation with ISO 27001:2013
- Designing and implementing a data privacy framework
- Critical components of ISO 27701:2019
- Interpretation and alignment with security objectives
- Data Privacy Awareness and Training campaigns
- Defining and establishing Data Privacy Organization
- Assessment, monitoring & certification
What to expect from this Session?
- Data Privacy – A worldwide review post GDPR
- ISO 27701:2019 a brief overview
- How it is related to ISO 27001:2013
- Data Privacy Framework
- Implementing ISO 27701 best practices
- Key components of Data Privacy Awareness Campaign
About the Speaker: Mr. Anil Lole: Sr. Manager – Information Security & DPO.
Has worked at BlueConch Technologies (formerly Xpanxion International Pvt. Ltd.) for the last 14 years.
(BlueConch Technologies ranked among the top 3 companies in India in a recently held DSCI Annual Information Security Summit under the category ‘Best Privacy Practices in IT/ITeS Companies’)
Works in the capacity of CISO and DPO, responsible for Information Security & Data Privacy for India and overseeing US operations.
- Established best practices for secure coding, security testing, threat modelling and security in Project Management for delivery team and clients.
- Implemented secure SDLC best practices.
- Institutionalized OWASP Top10 and SANS Top 25 vulnerabilities guidelines for Developers and QAs.
- Implemented automated secure code review (SAST) using SonarQube, and security testing with ZAP.
- Set up best practices for security awareness, risk assessment / treatment methodology for all corporate functions and client projects.
- Designed and implemented Secure ODCs for large customers in healthcare & financial domain.
- Supporting Delivery and Contracts/Legal team in understanding clients’ security & privacy requirements and adhering to contractual obligations captured through MSAs & SOWs.
- Ensuring security measures and safeguards are put in place to address client-specific security risks.
Overall Experience and Highlights:
- 22+ years as a hard-core Information Technology professional responsible for aligning IT services with business needs by applying the required technology, process and people skills.
- The experience includes 15+ years in IT Security and Information Security with strong analytical skills of mapping security controls with business processes and practices.
- Played a key leading role in implementing ISO 27001:2005 at the world’s largest automobile engineering company in 2006 for their Pune plant.
- Implemented end to end ISO 27001:2005 in a Software Services Company (100% EOU & Offshore development centre) in April 2012 for Pune location.
- Successfully migrated to ISO 27001:2013 in June 2015.
- Implemented ISO 27001:2013 globally (India & US) in Sep 2019.
- Implemented ISO 27701:2019 in June 2020 globally (India & US).
- Experienced in managing and delivering a variety of IT infrastructure and Information Security requirements.
- Expertise in IT Infrastructure designing, implementing ITIL processes and best practices, with supervisory skills to continually improve overall IT services.
- Proficiency in tailoring and customizing ISMS requirements, best practices and aligning them to improve overall business objectives.
Certifications:
- CISM (Certified Information Security Manager): Jun 2018 (Certificate no. 1841239)
- CISA (Certified Information Systems Auditor): Feb 2017 (Certificate no. 17136791)
- PROZM Certified SAM (Software Asset Management) Professional: Mar 2015
- GL ISO/IEC- 27001:2013 upgradation: February 2015
- BS ISO/IEC- 27001: 2005 ISMS Lead Auditor: Dec 2009
- ITIL V3 Foundation: March 2008