Beyond Cybersecurity Conference 2022: Between the Knowns and Unknowns of China’s Data Rules Go back »
Click here to view pictures of this event.
-
Time2022-09-22 | 09:00 - 12:00
-
Venue:Swissotel Grand Shanghai
-
Address:
-
Fee:Members: 300 |
Non Members: 600
We would love to hear your feedback, and it just takes a minute.
Sponsors and partners
On 29th April, the National Information Security Standardization Technical Committee of China released a draft version of the Practice Guidelines for Cyber Security Standards – Technical Specifications for Certification of Cross-Border Processing of Personal Information for public comment. The relentless rate of change and threat in cybersecurity did not abate in 2021, but is expected to increase in 2022. In an era of accelerated digitization, most senior business leaders see cybersecurity and legal data flow as an operational priority to their business.
What are the latest policies on cross-border data transfer, data certification and data sharing? As part of China’s targeted actions on market competition, online finance, and foreign listings, will the new measures shut down data transfers out of China for multinationals? Are there possible pathways for more open data transfers for brands and companies while complying with these requirements?
The European Chamber’s Cybersecurity Conference 2022 will bring together professionals and experts from law/consulting firms, different industrial players and major data processors to share their insights on the future of China’s data flow security landscape and possible solutions for all relevant parties.
Agenda
08:30-09:00 Registration
09:00-09:10 Opening Words by Ms. Isabelle Hajjar Vice Chair of the Cybersecurity Subworking Group
09:10-09:35 keynote speech by Mrs. Juliane Lange Managing Director for Wuerth Information Technology
09:35-10:00 'New trend of cybersecurity certification in China' Mr. Yingkai Guo ICT product manager of China system certification business group of Bureau Veritas
10:00-10:25 Keynote speech by Mr. Gil Zhang & Mr. Sherman Deng, Partner, Fangda Partners
10:25-10:50 Coffee Break and Networking
10:50-11:50 Panel Discussion: The State of China Data Flow Security in Different Industries
Moderator: Ms. Isabelle Hajjar Vice Chair of the Cybersecurity Subworking Group
Panelists: Mr. Justin Zhang,Data Privacy Director IKEA
Mr. Eric Ho, Technology Operations and Cybersecurity Director Budweiser
Mr. Kevin Zhou,Cyber service Director KPMG
Ms. Kathy Shi Chief Information Security Officer for SAP China
Ms. Julia Tian Information Security Officer for INTESA SANPAOLO S.P.A. SHANGHAI BRANCH
11:50-12:00 Closing Words Ms. Isabelle Hajjar Vice Chair of the Cybersecurity Subworking Group
Views expressed by invited speakers do not necessarily reflect the opinions or position of the European Union Chamber of Commerce in China.
Sponsorship Opportunities
There are sponsorship opportunities for this conference. If you wish to be our sponsor, please contact Ms Maureen Dai at mtdai@europeanchamber.com.cn for more details.
Terms & Conditions
Events have limited seating so to ensure your attendance we encourage advance online registration and payment for all events. We cannot guarantee entry to anyone not registered in advance.
All our events are held in English and follow the Chatham House Rule unless otherwise stated.
Cancellation Policy
If you cannot attend an event for which you have registered, please cancel your registration no later than one business day prior to the event. If you fail to notify us of your cancellation in a timely fashion, you will be charged for event costs.
To cancel you can: 1) email yangzhao@europeanchamber.com.cn, or 2) cancel online if you registered for the event through the website
Advisory Council Policy
Members of the Advisory Council may receive complimentary admission to Chamber seminars, conferences and factory visits up to two attendees per event. Additional participants will be charged at the member rate.
Advisory Council members will still be charged the standard member rate for participation in training courses and special events, such as gala balls, government appreciation dinners, or admission to corporate social events/tournaments.
For further information contact Ms Maureen Dai at mtdai@europeanchamber.com.cn
Speakers
Ms. Isabelle Hajjar
Ms. Isabelle Hajjar
Isabelle is head of Compliance with Tek-ID China, a Digital Risk Intelligence company. She leads regulatory and operational compliance support, consulting, strategy and program design, implementation and roll-out services for Tek-ID’s clients in the ICT and digital sphere, both locally in China and on a global level (cybersecurity, data protection, infrastructure, market access conditions, organizational issues, policies and procedures, training, etc.), in various sectors (from classic hosting to cloud services, SaaS vendors, e-commerce, retail, banking, automotive, investment funds, health, digital security products, etc.).
She further acts, for certain clients, as outsourced General Counsel / Compliance and Data Privacy Officer.
Isabelle has, since mid-2016, been actively engaged in the European Chamber of Commerce of China, currently she is the Vice Chair of the Cybersecurity Subworking Group - Shanghai, happily offering her support in their mission and lobbying activities.
Isabelle is also the co-founder and co-chair of the IAPP (Internal Association of Privacy Professionals) - Shanghai Knowledge Chapter, focusing on disseminating Knowledge and exchanging experience in all compliance matters for Data and Privacy Protection, as well as for neighboring subjects, such as cybersecurity.
Before joining Tek-ID, Isabelle had already accumulated some 19 years in the ICT - digital field, with 9 years as an Attorney in Europe, followed by in-house experience as General Counsel for ICT Companies, with additional skills in General Management (as COO) & Compliance. She has been based in China for some 11 years.
Mrs. Juliane Lange
Mrs. Juliane Lange
Mrs. Juliane Lange is the Managing Director for Wuerth Information Technology (Shanghai). She can look back on more than 15 working experience within the Wuerth Group in various departments and roles. As a project leader, she implemented many SAP systems in the USA, Europe and Asia. With her move to Shanghai in 2015, she assumed responsibilities as Senior Director for IT & SAP and successfully harmonized the infrastructures and processes among various Chinese entities. Since 2017, she is the appointed Data Protection Officer for China and is responsible for all cybersecurity related topics. By March, 1st 2021, she was promoted to Managing Director of the Würth IT in China and is driving the digitalization of the Asian entities.
Mr. Yingkai Guo
Mr. Yingkai Guo
Guo yingkai, ICT product manager of China system certification business group of Bureau Veritas, holds a doctoral degree in image processing and Pattern Recognition Research Institute of Shanghai Jiaotong University, focusing on artificial intelligence and pattern recognition, and has won the second prize of science and technology award of Chinese universities. Director of China Cyberspace Security Association; Senior member of China Electronics Society, computer society and artificial intelligence society; Expert of computer forensics Professional Committee of electronic society; Cyberspace Security Association Sports Professional Committee experts. With 20 years of experience in information system development, information security, artificial intelligence, technology management, enterprise management, product management and team management.
Mr. Gil Zhang
Mr. Gil Zhang
Mr. Zhang specializes in privacy and data protection, cyber security and regulatory compliance. Mr. Zhang practiced in private practice and in-house as senior counsel for many years. He has extensive experience in corporate and compliance work.
Mr. Zhang has advised many clients on global GDPR compliance projects. He has extensive experience in setting up data protection compliance programs in China and localizing GDPR-centric data protection programs and FTC privacy management programs in China. He has also worked on and managed the global Binding Corporate Rules project. He has extensive experience in managing global compliance projects, law enforcement actions, and setting up data protection governance structures as well as various processes to comply with EU GDPR, US laws and personal data protection laws of non-European countries, including China and APAC countries.
Mr. Zhang also advises clients on various law enforcement and contentious matters, such as criminal investigations into alleged infringement of data protection rights, mandatory privacy audits, misappropriation of confidential information by employees, and data breach response and reporting in various jurisdictions. He also advises various clients on data protection issues in relation to emerging technology such as artificial intelligence, internet of things, big data, and driverless cars.
Mr. Zhang has worked on various personal data protection related matters. These matters include conducting due diligence on target company compliance with Chinese data protection laws in M&A and investment transactions, data mapping, designing personal data collection and consent mechanisms, conducting supplier data protection due diligence, advising on cross-border data transfers and security assessments, drafting privacy policies and app user agreements, advising on data protection impact assessments (DPIA), drafting internal employee-facing privacy compliance requirements, handling data subject requests (DSR) and designing automated DSR processes, and reporting data breaches.
Mr. Sherman Deng
Mr. Sherman Deng
Sherman has rich experience in cyber incident response, government investigation response and cross-border data transfer. Before joining Fangda, Sherman was VP & Senior Counsel of a renowned international hotel group. Sherman’s notable projects include:
Handled a number of high-profile data and cybersecurity incidents that involve data security, content security, government enforcement & investigation and crisis management.
Advised internal clients on data localization and cross-border data transfer.
Formulate and adjust data compliance programs in response to changes in cybersecurity laws and regulations.
Set up data compliance governance, including preparing and implementing compliance playbooks and policies in cybersecurity.
In his seven years at the group, Sherman also managed legal matters of the Group’s digital partners, loyalty program and digital channels for China. He handled legal matters related to third party risk management, digital marketing, cloud computing, app security design life cycle (SDLC), e-commerce, data security and data analytics.
Ms. Kathy Shi
Ms. Kathy Shi
Kathy is currently working as the CISO for SAP China, supporting all lines of business across SAP on security risk management, regulatory and security compliance, secure development and delivery, customer and sales security enablement etc. Before that, Kathy was most recently with Oracle for over 6 years, effectively acting as the Information Security Director – North Asia to oversight security and support Oracle business in Greater China, Korea and Australia, where her responsibility covered strategic project security supporting, M&A security review, sales security enablement, security incident response, forensic and investigation, supplier security review, regulatory security risk monitoring and assessment etc. Prior to Oracle, she spent 8 years in IT and Security consulting area, successfully led and delivered more than 20 information security, internal control, BCM, PCI-DSS compliance and IT projects to clients covering banking, internet, manufacturing, real estate industries. Kathy also held security position at Citibank as the start of her career.
Mr. Kevin Zhou
Mr. Kevin Zhou
Kevin has more than fourteen years’ working experience in cyber security management, IT risk management and IT internal and external audit. His main clients are large SOE and MNC in banking, insurance, FMCG, retail and manufacturing.
Kevin has provided penetration test for multiple banking and insurance clients. The penetration tests helps clients to identify potential vulnerabilities in its information systems and infrastructure. The vulnerabilities were effectively remediated by implementing proper system hardening policy.
In IT security area, Kevin has provided different clients with various advisory service, including designing enterprise-level information security architecture, setup Information Security Management System, the assessment of ISMS based on ISO 27002, PCI DSS assessment for online payment, security scanning for banking and insurance companies. Kevin also provided overall assessment of IT security governance and provided short and long-term roadmap for the improvement of information security management.
Regarding IT risk management, Kevin provided advisory service to one of the largest insurance company in China to establish its IT risk management system. He helped the client to establish formal risk assessment methodology, draft and publish policies and procedures for managing risk throughout its life cycle. He lead the team to perform risk assessment for the IT department and provide advice for risk identification, assessment, handling and monitoring.
Kevin has rick experience in providing advisory implementation service regarding data protection. He provided data loss prevention for one large financial company and helped the client to perform as-is analysis, requirement analysis, vendor selection, product POC testing, product trial run and final implementation.
Kevin also provided internal IT audit service for many clients. The audit scope covers IT general control, IT assertion control and computer-assisted audit. He mainly worked as team leader and was responsible for leading the field work and communicate with client management.
Mr. Justin Zhang
Mr. Justin Zhang
Mr. Justin Zhang has rich experience on Information Technology and Information Security area.
Prior to IKEA, he has worked for semi-conductor and automotive companies, leading or
supporting IT/IS projects like connected-car solution security audit, supplier security review etc.
Justin joined IS team at IKEA China in February 2018 and supported INGKA China cyber
compliance project for Chinese Cybersecurity Law compliance and has led several important
security/compliance projects such as MLPS, Cross-border data transfer, IKEA CN App security
enablement. As the expert in security/privacy frameworks and security technical solutions, he
continues to focus on and explore better way of cyber and privacy compliance for digital
products, supports business units across INGKA China on security/privacy by design,
assessments, risk management, relevant regulatory compliance.
Ms. Julia Tian
Ms. Julia Tian
Julia T. is serving as ‘Information Security Officer’ role in Intesa Sanpaolo S.P.A Shanghai branch, in charge of Cybersecurity and Business Continuity Management. She started her career in IT filed, then transitioned to banking industry specialized in Technology Risk, then to the Cyber.
Professionally, she holds CISSP, CISA, CISM, CRISC, CGEIT , ISO27001LA & CIPM credentials.
Before join Intesa Sanpaolo Shanghai, she ever positioned in CITI as Country Tech Risk Manager and CISCO as InfoSec PM.
Mr. Eric Ho
Mr. Eric Ho
Mr. Eric Ho has extensive experience in Technology related roles across APAC and Europe. Eric joined Budweiser in Belgium in 2012 as project manager, delivering Supply Chain related initiatives such as APO, WMS, TMS. In 2016 he relocated to APAC to drive supply chain digital transformation. Since 2019, Eric has been leading Technology Operations & Cybersecurity for Budweiser APAC, covering domains from Cybersecurity, Tech Compliance, Infrastructure Architecture and Operations, DevOps Engineering, and Digital Workplace Services. He led the expansion of APAC Cybersecurity team from 0 to 1, in which the team now cover domains such as Application, Supply Chain, Data, Network, and Cloud Security. Eric continues to focus on implementing sustainable cybersecurity practices during organization’s digital transformation, prioritizing the right resources and projects that matters most.