On 18 November, Alain Hermann, Commissioner at the CNPD, was a speaker at the eighth annual Insights Conference hosted by the Professional Evaluation and Certification Board (PECB) in Brussels.
Mister Herrmann participated in a panel entitled “A New Decade in Information Security and Privacy: What Can We Expect?”, which touched upon a number of questions surrounding cybersecurity. One of them looked at upcoming EU regulations such as the Data Act and the Data Governance Act, and the concomitant emergence of procedures like anonymisation and pseudonymisation.
Another discussion point was the interplay between security and data protection, especially in the context of the Network and Information Security (NIS) 2 Directive, which requires national supervisory authorities and security authorities to cooperate in cases of data breaches and other security incidents.
Also on the agenda was a discussion on the interaction between Data Protection Officers (DPOs) and Chief Information Security Officer (CISOs). Mister Hermann spoke about a survey on the roles and responsibilities of DPOs and CISOs in Luxembourg that the CNPD had conducted in collaboration with PwC.
He further explained the CNPD’s GDPR certification (the first of its kind), talking about how it will likely evolve and how it intersects with cybersecurity.