Archived Webinar: What the GDPR Will Mean to Global Businesses 



Frank Cindrich
Gabe Maldoff
Westin Fellow
International Association of Privacy Professionals
Michael Hopp
Plesner Law Firm 
Marshall Toburen
GRC Strategist, Enterprise Risk Management


Nancy Cohen
Director of Privacy and Assurance Practices, Research/Standards & Academic


In recognition of Data Privacy Day – ISACA, in conjunction with the International Association of Privacy Professionals (IAPP) will host a webinar on the implications of the EU General Data Protection Regulation (GDPR).

The GDPR will bring big changes for data protection in Europe. However, it will not only impact European organizations, but will have significant impact on all companies that operate globally. Companies need to start planning for the impact that the changes from GDPR will bring and move toward compliance sooner rather than later.

The session will involve a panel discussion with both US and European professionals providing their perspective on the Regulation and how it will impact global businesses.

ISACA Members Earn Free CPE

Date: Thursday, 28 January 2016
Time:12PM (EST) / 11AM (CST) / 9:00AM (PST) / 17:00 (UTC)


Frank Cindrich (Washington D.C.) is a director with PwC and the firm’s privacy lead for metro-Washington, D.C. Frank is a former corporate counsel. He has 17 years of experience advocating for the inclusion of privacy and security as essential parts of corporate governance and building responsive privacy and security programs.

Frank advised senior officials, such as the U.S. Departments of Homeland Security and Health and Human Services on strategies for integrating privacy and security enterprise architecture and new technologies. Frank’s teams support commercial enterprises across industries, helping key stakeholders at all levels to better understand privacy and security requirements and trends in privacy and security regimes, the General Data Protection Regulation (DGPR).

Michael Hopp (Denmark) is a partner in Plesner's Technology, Media, and Telecoms (TMT) team. He is responsible for Plesner's advisory services on data protection law, marketing law, and consumer protection. Michael has been deeply involved in data protection law since 2000 and has acquired broad and in-depth experience in handling many types of data protection law issues. Michael is widely recognised as a leading Danish advisor in the field, and in recent years, has been instrumental in defining and formulating various large-scale compliance projects on behalf of large Danish businesses.

He advises clients on data protection compliance projects, international data transfers, whistle-blower hotlines, privacy policies for customers or employees, employee monitoring, and data protection issues in relation to US Discovery. Michael also advises about the upcoming General Data Protection Regulation and the consequences of the regulation for private entities and public authorities.

Gabe Maldoff (Maryland, USA) is a Westin Fellow at the International Association of Privacy Professionals (IAPP). A Certified Information Privacy Professional (CIPP-US), he has researched and written extensively about emerging issues in privacy and data security, including analysis of developments in European privacy law. Gabe graduated magna cum laude from the University of Maryland School of Law and was an editor of the Maryland Law Review. During his time at Maryland, Gabe interned at the World Bank in Washington, DC, the Maryland Office of the Attorney General and with a federal judge. As an executive member of the Maryland Moot Court Board, he authored and managed a competition focused on an employee’s right to privacy in the government workplace. Gabe’s interest in law and privacy stems from his work with HIV/AIDS patients in the Southern Highlands of Tanzania in 2008. He holds a Bachelor of Science from McGill University.

Marshall Toburen (Kansas, USA) currently provides strategic input to the development of risk-related solutions for RSA-Archer and advises customers on best practices relating to Operational, Third Party, and Enterprise Risk Management. Prior to joining RSA-Archer, Marshall served as SVP/Enterprise Risk Manager for a diversified financial services company based out of Kansas City, MO. In that capacity, Marshall was responsible for the company’s enterprise risk management activities, including its enterprise risk management practices and technology solutions, information security, insurance risk transfer, loss management, third party risk management, and Sarbanes-Oxley / internal controls management. Marshall has previously held positions in the financial services industry, including as Operational Risk Manager, Chief Audit Executive, IT Audit Director, and Assistant Controller.

Marshall holds an M.A. in Economics from the University of Missouri, B.A.s in Economics & Political Science from Baker University, and has received certifications as a CIA, CISA, and CBA, (currently non-practicing).

Nancy Cohen (Illinois, USA) is a Certified Public Accountant (CPA) and Certified Information Privacy Professional (CIPP) with more than 30 years of experience in professional trade association management. In her current role with ISACA, Nancy is the director of privacy and assurance practices, responsible for privacy and assurance related research projects and publications.

Nancy holds a MBA in Taxation from St. John’s University and an undergraduate degree in accounting from Queens College.


CPE Quiz
CPE Quiz is available for active ISACA members ONLY. Please use your ISACA credentials to access the quiz.

To Register for this webinar: Click Attend (in the box below) and create a BrightTALK ISACA Channel account (please do not use your ISACA login credentials). If you already have a BrightTALK account, log in with your BrightTALK credentials and click Confirm Attendance. Please note: There is an option to add to this event to your Outlook calendar once you have registered.

Additionally, please note that this platform does not currently support Firefox or Safari browsers. We suggest you test your system ahead of the event to ensure your ability to participate. If you are viewing from behind a corporate firewall, you may need to ask your IT administrator whether streaming media is blocked. Test your system.