|
This course is available in the Classroom and via Teams  
Data Security & Cybersecurity
Course Overview:
Data protection law requires that personal information must be processed in a manner that ensures appropriate security. When it comes to regulatory enforcement, a failure to comply with this obligation is one of the most frequent infringements identified by the Data Protection Commission resulting in fines and sanctions for organisations.
This comprehensive course provides a practical and regulatory-focused guide to data security obligations under Irish and EU law. With a primary focus on security obligations with respect to Personal Data under Data Protection law, it explores the legal, technical, and organisational measures required to protect personal data, prevent breaches, and demonstrate compliance with the GDPR, the Data Protection Act 2018, while also considering emerging cybersecurity frameworks including the NIS2 Directive, the Digital Operational Resilience Act (DORA), and the EU AI Act.
Participants will gain a clear understanding of, and practical approaches to, how to implement a risk-based approach to data security, manage third-party risks, respond to data breaches, and prepare for regulatory enforcement. It concentrates on how to avoid breaches from a legal and practical point of view, as well as considering the implications of any breach that might occur.
Key aspects of this session include: - legal obligations under GDPR and the Data Protection Act 2018
- risk-based security measures and the accountability principle
- technical and physical security controls, including cyber hygiene and resilience
- organisational governance, training, and documentation requirements
- the requirement for documentation and how to comply with it
- an introduction to the requirements of ‘data protection by design’, and ‘data protection by default’
- the data security implications of using 3rd parties to process personal information, such as external contractors and outsourced service providers, including cloud service providers
- managing processor contracts and data sharing arrangements
- breach detection, notification, and response protocols
- informing individuals and notifying the Commissioner about data security breaches - what is required and how to go about it
- the powers of the Data Protection Commissioner and other regulators, and other legal and commercial consequences of data security breaches
- overview of NIS2, DORA, and the EU AI Act – scope, obligations, and practical implication
Attendance on this course can be used as credit towards gaining the Practitioner Certificate in Data Protection. |
Course Trainer
Susan Walsh
Legal Director EY Law
Trainer's biography
and other courses
by this Trainer
|
Course Information
| Virtual-LIVE | Wednesday, 29 April 2026 | | Virtual-LIVE | Wednesday, 16 September 2026 | | Dublin (Classroom) | Wednesday, 18 November 2026 |
Additional Information:
- Sessions run from 10.00am to 4.00pm.
- Comprehensive hardcopy course materials are provided.
- Classroom Training includes a full sit-down lunch and refreshments throughout the day
Training Fees:
Classroom - €545
Virtual-LIVE (Teams) - €495
10% discount for additional delegates for this course when booked together
Who should attend:
Data Protection Officers, IT Managers, Compliance Officers, Corporate Security Officers, legal advisers, persons responsible for risk management, and others.
|
|
|
Course Testimonials
“Excellent.”
Kevin Harte
Peoplepoint “Very informative and practical.”
Denise Kennedy
Dept of Public Expenditure and Reform “Excellent.”
Maura Young
Irish Credit Bureau
“Thoroughly enjoyable.”
Michael King
Cleaver Fulton Rankin "The ability of the trainer in dealing with questions was excellent."
Joanne Ness
Easytrip “Very informative. Course went at a good pace, and course material comprehensive. Very thought provoking.”
Muriel Koyce
Sunbeam House Services "Very complete coverage and comprehensive information."
Tony Scott
Grafton Group Plc
|
