Toreon at Privacy Café: combining privacy by design with the SDLC

At the last Privacy Café*, held in Mechelen on October 23rd, Seba Deleersnyder, co-founder and managing partner of Toreon, and Siebe De Roovere, Privacy and Information Security Expert at Toreon, explained to the Café’s guests how to combine Privacy by Design with the SDLC and objectively prove that your organization meets all of the set requirements.

A quick recap:

What can you do?
– Do not “bolt on” extra compliance activities.
– Integrate compliance in AppSec / InfoSec activities.
– Add “GDPR epics and stories” to product backlog & include in sprints.

What will this get you?
– GDPR and SDLC reinforce each other.
– (ab)use GDPR to start SDLC (business case).
– Improve SDLC by including GDPR activities.
– SDLC “deliverables” with GDPR artifacts demonstrate compliance.

What are the key success factors of this approach?
– Extend your AppSec “community” with DPO & legal allies.
– Turn your DPO into an SDLC advocate.

Hungry for more?
Find the complete presentation here.

Furthermore, Toreon happily donates the complete SAMM/GDPR mapping we’ve come up with to OWASP and all of the Privacy and Security Community.
Download our SAMM/GDPR Mapping.

We would love to hear whether this was helpful to you or your organisation!

* A few times a year the Data Protection Institute (DPI) hosts a Privacy Café where they invite guests to talk about their job in the Data Protection field; discussing best practices and possible obstacles in their attempt to comply with the GDPR. All professional privacy enthusiasts are welcome to attend.
