Super Early Bird Fee

Register and Pay
by 4 Apr '19

Early Bird Fee

Register and Pay
by 3 May '19

Regular Fee

Register and Pay
after 3 May '19

$1,495.00(USD) $1,695.00(USD) $1,895.00(USD)

Group Discount! Enjoy 10% off when you register for 3 or more
or
For groups of 3, 4th comes for free

IMPORTANT NOTES
  1. Super Early Bird and Early Bird promotion: Discount will only be valid if payment is received by the stipulated date.
  2. Group Discount only applies to registrations from the same company registering at the same time, issued in a single invoice and of the same billing source.
  3. Only corporate registrations will be accepted.
  4. Bank charges & taxes are to be borne by registrants, if applicable.
  5. Full payment is mandatory upon registration for admission to the event.
  6. Walk-in delegates will only be admitted on the basis of space availability at the event and with immediate full payment.
  7. Fee includes lunch, refreshments and event documentation.
  8. The organiser reserves the right to make any amendments that it deems to be in the interest of the event without any notice.
  9. Information provided will be used for event administration and updates on upcoming events. For more details, please visit: http://www.conferences.com.sg/personal-data-protection-statement/

CANCELLATION & REPLACEMENT

A replacement is allowed if registered participants are unable to attend. For cancellations received in writing before 3 May 2019, a full refund will be given with a 10% administrative charge. For cancellations received in writing before 16 May 2019, a 50% refund will be given together with the event documentation. There will be no refunds for cancellations received after 16 May 2019 or “no show” participants. However participants will receive a copy of the event documentation.

Ambiguous Definitions. Vague Regulations. Over-reaching Scope.

China’s Cybersecurity Law continues to rattle businesses. Grey areas remain without detailed implementation guidelines. Newly released standards on Personal Information and Cross-Border Data Transfer pose fresh compliance challenges for businesses. And enforcement actions have begun.

Revised Standards, New Provisions
Will your Compliance Measures Satisfy Regulators?

Join this comprehensive 2-day conference to clarify key regulations and adopt practical compliance measures to navigate through China’s complex Cybersecurity Law. Be updated on the latest regulatory developments including newly released guidelines on Personal Information and Cross-Border Data Transfer. Find out the critical requirements to conducting a data transfer security assessment. Hear from Daimler, Carrefour, Novartis and BMW on measures they are adopting to fulfil Cross-Border Data Transfer and Multi-Level Protection Scheme obligations.


Programme Highlights

    • China Cybersecurity Law Updates
    • Data Localisation & Cross-Border Data Transfer
    • Data Transfer Security Assessment
    • How Businesses are Complying with Cross-Border Data Transfer Obligations
    • Cybersecurity Multi-Level Protection Scheme (MLPS)
    • How Companies are Fulfilling MLPS Requirements

Benefits of Attending

  • Be updated on newly released clarifications, provisions and obligations
  • Takeaway lessons learnt and pitfalls to avoid from recent enforcement cases
  • Find out how to legally collect, store and transfer personal information and important data
  • Understand the implications of data localisation provisions in sectoral regulations
  • Learn how to develop an internal framework and procedures for security self-assessment
  • Examine what to present and who to report to for official regulator assessments
  • Discover what regulators will look out for when conducting an official inspection
  • Hear how Carrefour and BMW classify their data and conduct compliant data transfers
  • Clarify definitions and key cybersecurity protection obligations under the draft MLPS
  • Establish internal security systems and internal policies to ensure network protection
  • Develop a network security incident emergency plan and disaster recovery system
  • Uncover cybersecurity measures Daimler and Novartis are implementing under the MLPS
 

Speakers

Terence Xu

China Information Security Officer, IS Director,

Carrefour China

Jicheng Zhu

Head of Information Protection, APAC,

BMW

Maxime Oliva

Chief Executive Officer,

TekID Investigation & Discovery

Ada Yang

Senior Attorney, Director, Cybersecurity & IP,

Microsoft China

James Ou

APAC Information Security Director,

Multinational Company

Roy Chen

(ISC)² Shanghai Chapter Security Expert,

Multinational Company

Mark Luo

Regional IT Security Manager, Multinational Company

David Jiang

Partner, RA Technology Risk,

Deloitte

Samuel Sinn

Partner, Cybersecurity and Privacy Services,

PwC

Samuel Yang

Partner,

AnJie Law Firm

Barbara Li

Partner,

Norton Rose Fulbright

Past Delegate Testimonials

Real experience and practical sharing

Most informative and helpful in understanding the vast scope of regulation

One of the most practical conferences

Who Should Attend

Senior Level Executives responsible for Legal, Compliance, Information Security, Information Technology, Internal Audit, Risk Management

 

Agenda

  • Day 01

    08.30 Registration & Morning Coffee
  • 09.00 Conference Chair’s Welcome

    Samuel Yang, Partner, AnJie Law Firm

  • 09.00 CSL UPDATES

    Latest Developments & Newly Released Guidelines: Implications for Businesses

    • Recently released clarifications, provisions and obligations
    • Recommended steps to take to comply with new requirements
    • Understanding the regulatory enforcement structure: Ministries, government bodies, authorities
    • Lessons learnt and pitfalls to avoid from recent enforcement cases
    • Upcoming drafts and standards to expect from the Chinese government
    • Proactive measures businesses can adopt to prepare for pending updates

    Barbara Li, Partner, Norton Rose Fulbright

  • 10.30 Morning Refreshments & Networking Break
  • 11.00 DATA LOCALISATION & CROSS-BORDER DATA TRANSFER

    How to Legally Collect, Store & Transfer “Personal Information” & “Important Data”

    • CIIO or Network Operator? How to define your organisation accordingly
    • What constitutes “Personal Information” vs “Important Data”
    • How to lawfully collect and obtain consent on “Personal Information” and “Important Data”
    • When is the transfer of personal data and important data allowed and when is it prohibited?
    • Existing data localisation provisions in sectoral regulations for specific industries and its impact
    • Ensuring compliance with VPN and encryption regulations

    Samuel Yang, Partner, AnJie Law Firm

  • 13.00 Lunch & Networking Break
  • 14.30 DATA TRANSFER: SECURITY ASSESSMENT

    Self-Assessment & Regulator Assessment: Critical Requirements & Pitfalls to Avoid

    • Key obligations under the guidelines on Security Assessment Measures
    • Assessment timeline: Self-assessment, regulator assessment, annual assessment
    • How to develop an internal framework and procedures for self-assessment on data transfers
    • Official regulator assessments: What to present and who to report to
    • Violations: What regulators will look out for when conducting an official inspection

    David Jiang, Partner, RA Technology Risk, Deloitte

  • 16.30 Conference Chair’s Insights & Analysis of the Day’s Proceedings
  • 17.00 End of Day One
  • Day 02

    08.30 Morning Coffee
  • 09.00 Conference Chair’s Opening Remarks

    Samuel Yang, Partner, AnJie Law Firm

  • 09.00 CASE STUDIES SHARING

    How Businesses are Complying with Cross-Border Data Transfer Obligations

    • How are companies classifying their data?
    • How are businesses determining which data to collect and retain?
    • How companies are evaluating if the data is eligible for cross-border transfer
    • Operational processes businesses have adopted to ensure compliant data transfers
    • How companies are conducting a security self-assessment
    • How companies are preparing for official regulator assessments

    Moderator:
    Samuel Yang, Partner, AnJie Law Firm

    Panellists:
    Terence Xu, China Information Security Officer, IS Director, Carrefour China
    Jicheng Zhu,
    Head of Information Protection, APAC, BMW
    Roy Chen,
    (ISC)² Shanghai Chapter Security Expert, Multinational Company

  • 10.45 Morning Refreshments & Networking Break
  • 11.00 CYBERSECURITY PROTECTION

    Complying with Cybersecurity Multi-Level Protection Scheme (MLPS) Requirements

    • Clarifying definitions of classifications under the draft MLPS
    • Key cybersecurity protection obligations under the draft MLPS
    • How to establish internal security systems and internal policies to ensure network protection
    • Monitoring and information retention: Tips for recording your network’s operational status
    • Developing a network security incident emergency plan and a disaster recovery system
    • How to perform a compliance readiness assessment

    Samuel Sinn, Partner, Cybersecurity and Privacy Services, PwC

  • 13.00 Lunch & Networking Break
  • 14.30 CASE STUDIES SHARING

    Cybersecurity Measures Companies are Implementing to Fulfil MLPS Obligations

    • How companies are interpreting the draft MLPS and tier themselves accordingly
    • How businesses are designating personnel responsible and accountable for the MLPS
    • How companies are establishing a cybersecurity management system and operational procedures for data centres and computer rooms
    • Measures companies are employing to detect, block and remove illegal information
    • How companies are preparing for a data breach: Reporting process and notification report

    Moderator:
    Samuel Yang, Partner, AnJie Law Firm

    Panellists:
    Maxime Oliva, Chief Executive Director, TekID Investigation & Discovery
    Ada Yang,
    Senior Attorney, Director, Cybersecurity & IP, Microsoft China
    James Ou, APAC Information Security Director, Multinational Company
    Mark Luo, Regional IT Security Manager, Multinational Company

  • 16.15 Conference Chair’s Insights & Analysis of the Day’s Proceedings
  • 16.30 Close of Conference