Author Archives: Andrea Longhi

About Andrea Longhi

Over 25 years of experience in consultancy, full dedicated within Finance, Entertainment, Transportation and Energy & Utilities industries, plus initial 5 years in an industrial automation and supervision firm. Along my professional career the experience in leading consulting firms such as Deloitte, Arthur Andersen and Capgemini has allowed me to acquire a consolidated and strong experience in the field of Security & Compliance services and to develop strong core skills: leadership, management, business development, sales and delivery. Many years of collaboration with Clusit, CSA and Enisa on topics related to enterprise security & compliance. Moderator of roundtables on security and speaker at conferences. Collaborating with the Oracle Community for Security to the planning, preparation and presentation of researches and projects on security and privacy, during the Security Summit. Founder of ConsAL, company specialized on Security and Business Discovery services, I collaborate with leading consulting firms as a business developer and management consultant in the field of ICT/ICS Security, Fraud, Compliance and Quality Management and Business Discovery.

Privacy by design: which approach?

The principle of Privacy by Design introduced by General Data Protection Regulation (GDPR) requires firms and public administrations to adopt a proactive and not merely reactive approach to personal data protection, rendering necessary to provide operative procedures, configurations and safety measures safeguarding confidentiality, integrity and availability of personal data (RID) “by default”, meaning in the… Read More »

Goodbye Safe Harbour, hello Privacy Shield

Safe Harbor, declared invalid last October by ECJ, will be soon replaced by the EU-US Privacy Shield. “For the first time ever, the United States has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards and oversight mechanisms” states Commissioner Věra Jourová into press release. .@EU_Commission… Read More »

GDPR: from obligation to opportunity

The GDPR, in its final version just approved by EU Commission, Parliament and Council, introduces important changes in the responsibilities and procedures for protection and management of personal data within the EU. Just think on the introduction of data breach, privacy by default, the obligation to define, document and monitor the framework adopted to protect… Read More »

The protection of personal data is an important concern for citizens

The protection of personal data remains an important concern for citizens, according to a new Eurobarometer published by the European Commission on data protection. The survey, titled “Data Protection “, has been requested by the Directorate-General  for Justice and Consumers and coordinated by the Directorate-General for Communication, is designed to support the finalization of the… Read More »

New EU Regulation requires a more structured approach to personal data security

The New Regulation, through the art. 30 and 33, implicitly stresses the concept of “process for security management”, imposing an holistic and risk-based approach to the protection of personal data that takes into account important technological and behavioral changes happened in the last few years (Cloud, Big Data, Social Networks, right to oblivion, right to data… Read More »