December 4, 2020

Volume X, Number 339

November 2020 Midwest Cyber Security Alliance Meeting (Virtual)

CCPA, GDPR, and ISO 27001/27701: Identifying Distinctions and Overlaps for Efficient Implementation

We are excited to announce the return of our Midwest Cyber Security Alliance (MCSA) meeting series following an extended break during which our community has been hard at work addressing privacy and cybersecurity matters spurred by the pandemic!

Upcoming MCSA meetings will be hosted virtually until it is safe to gather in person again. While we will miss connecting with everyone from the scenic 40th floor of our Milwaukee office, we look forward to expanding participation to our colleagues and peers located outside of the Milwaukee-Chicago corridor!

During our first Midwest Cyber Security Alliance virtual meeting, Foley Partner Jennifer Urban (Rathburn) will be joined by privacy and security practitioners Heidi Maher of Epiq and Nick Gross of OneTrust. Together, they will discuss their shared goal of protecting organizations from reputational damage, lawsuits, and regulatory enforcement. Whereas ISO 27001 focuses on the assessment of risks and protection of the organization and ISO 27701 focuses on Privacy Information Management Systems, the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR) both aim to assess and protect the rights and freedoms of individuals. With a shared goal of compliance, it is critical that security and privacy teams work together to develop a common language that produces greater productivity and consolidates efforts.

Join Foley, Epiq, and OneTrust on Wednesday, November 18, to explore how the ISO 27000 family of standards, the CCPA, and the GDPR overlap, as well as how security and privacy teams can work together to become more effective. Key discussion objectives and takeaways will include:

  • Mapping the most common security operations standard, ISO 27001, to the country's and the world’s most influential pieces of privacy legislation, respectively, the CCPA and the GDPR


  • Outlining main areas of common ground that should help every organization align its security and privacy operations


  • Understanding the new ISO 27701 certification for Privacy Information Management Systems


  • Developing a framework to reduce the risk of incidents while increasing productivity and customer trust

There is no fee to attend this event, but advance registration is required.

Upcoming Legal Education Events

Tuesday, December 8, 2020
Wednesday, December 9, 2020
Wednesday, December 9, 2020
Wednesday, December 9, 2020
Thursday, December 10, 2020
Thursday, December 10, 2020
Thursday, December 17, 2020