18 - 20 December, 2017

Data Privacy: a practical approach

6th ISACA Athens Chapter Conference

ISACA Athens Past Events &



Whether you are the CEO, CIO, CISO, or working in IT, IT Audit or operational functions, you face a number of great challenges driven from digital transformation. These challenges have now become a top priority and responsibility: protecting data, comply with new regulations, manage IT risk of digital transformation, managing and controlling your company’s exposure to the cloud. This is only going to become even more challenging with the emergence of artificial intelligence (AI), machine learning and the internet of things (IoT). On our sixth bi-annual chapter conference and workshop, we are going to address emerging trends in regulation, business models and technology in a practical manner and in some detail.

Conference Topics

  • Data privacy. EU’s looming General Data Protection Regulation (GDPR) will go directly into law for all countries within the EU by May 25, 2018. We will try to give a practical approach on what should be done to comply with the new Regulation.

  • Digital transformation. Digital transformation projects require new business models, new skill and potentially re-engineering operating models. They require the right mix of governance and controls to be in place in terms of digital strategy, data privacy requirements and of course digital security.

  • Cloud control. There are a number of risks associated with this significant strategic and organizational change. Data sovereignty is very important and valid concerns are also provider downtime, deleting data off the cloud and getting data back in-house. 

Chair & Keynote Speakers

Conference Chairman: 

Professor Costas Lambrinoudakis, University of Piraeus - Department of Digital Systems Head and Board Member of the Hellenic Data Protection Authority

Keynote Speakers:

  • Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, Group Director of Information Security, INTRALOT, ISACA Past Chairman
  • Xenofon Liapakis, General Manager, CIO & Services of Interamerican Group and Chairman of Hellenic CIO Forum
  • Vera Marmalidou, CIA, CRMA, Deputy Director, NBG Group Internal Audit, Chairman IIA Greece, BoD member, European Confederation of Institutes of Internal Auditing (ECIIA), Banking Committee member ECIIA
  • Yves Le Roux, CISM CISSP, ISACA Privacy Guidance Task Force Chair
  • Bruno Horta Soares, CISA, CGEIT, CRISC, PMP, ISACA Lisbon Chapter,  Executive Senior Advisor IDC Portugal
  • George Triantafillos, Head of Platform Integration (Leading Business CIO), Nordea
  • Dr. Marc Vael, Security, Privacy & IT Audit Executive at Esko
  • Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR

Data Privacy Workshop

A practical approach for IT implementation and compliance

19-20 December 2017, Hellenic American Union

Explore through best practices driven from ISACA’s guidelines and applied projects throughout Europe, what the IT Security, Audit, IT Assurance and Risk professional should know to comply with the new GDPR EU regulation.

Workshop instructors:  Elena Spiropoulou, Accredited Mediator (Legal Session),  Yves Le Roux, Chair of the ISACA Privace Task Force (Technical Session) 


Registration Fees





Students (full time)

& Unemployed

Corporate Registrations

(>2 participants)

18 December 2017
Conference only*





18-20 December 2017
Conference and Workshop






*VAT 24% applies on conference fee only

  • Registration to workshop track grants free entrance to Conference.
  • Workshops are VAT exempt.
  • Workshops are sponsored by the 0,24 OAED-LAEK subsidy program (for company-registrations only).
  • In order to guarantee a place on the conference and workshop, delegates are kindly requested to register at least 15 working days prior to the event.

Conference Chairman

Professor Costas Lambrinoudakis, University of Piraeus - Department of Digital Systems Head and Board Member of the Hellenic Data Protection Authority.

Dr. Costas Lambrinoudakis holds a B.Sc. (Electrical and Electronic Engineering) from the University of Salford (1985), an M.Sc. (Control Systems) from the University of London (Imperial College -1986), and a Ph.D. (Computer Science) from the University of London (Queen Mary and Westfield College - 1991). Currently he is a Professor at the Department of Digital Systems, University of Piraeus, Greece. From 1998 until 2009 he has held teaching position with the University of the Aegean, Department of Information and Communication Systems Engineering, Greece. For the period 2012-2015 he was a member of the board of the Hellenic Authority for Communication Security and Privacy, while from 2016 he serves on the board of the Hellenic Data Protection Authority.

Finally from 2015 he is Head of the Department of Digital Systems and Director of the Systems Security Lab. His current research interests are in the areas of Information and Communication Systems Security and of Privacy Enhancing Technologies. For many years he is working on issues related to the protection of personal data and the compliance of information systems to the National and European Legislation. He is an author of more than 100 scientific publications in refereed international journals, books and conferences, most of them on ICT security and privacy protection issues.

Keynote Speakers

Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, Group Director of Information Security, INTRALOT, ISACA Past Chairman.

Christos Dimitriadis is group director of Information Security for INTRALOT (Greece), Past Chair, ISACA. He has built INTRALOT’s Global Information Security operations and is now responsible for the alignment of the Group’s security strategy with the business needs and the oversight of its execution. In addition to leading information security, information compliance and intellectual property protection at INTRALOT Group, Dimitriadis has designed INTRALOT’s innovation program in 2013 and is heading the office of the CTO, managing business transformation projects since 2015. He has been working in the area of information security for 16 years, he holds two patents in fraud prevention and game design and has authored more than 150 publications.

He has received innovation awards from the European Lotteries Association, and the John W. Lainhart IV award for major contributions to ISACA’s common body of knowledge. He has also received the ISACA Presidents Award for Illustrious Service in 2014. He has served ISACA as a Director for four terms, chaired the Knowledge Board, the External Relations Committee, the COBIT for Security Task Force, and has been a member of the Relations Board, Academic Relations Committee, Journal Editorial Committee and Business Model for Information Security Workgroup. Dimitriadis has also served as a member of the Permanent Stakeholders Group (PSG) of the European Network and Information Security Agency (ENISA) for 2012-2015. He holds a degree in Electrical and Computer Engineering and a Ph.D. in Information Security. 

Yves Le Roux, CISM CISSP, ISACA Privacy Guidance Task Force Chair.

After his graduation from Paris University in 1970, Yves LE ROUX worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs.   In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int. as a Technology Strategist. In April 2017, he retires from CA Technologies. He has co-authored three books on security. He is a lecturer at ISEP (Paris Graduate Engineering School) and spoke in many conferences (e.g., EUROCACS/ISRM 2015, SEMAFOR 2015 , (ISC)² EMEA Congress 2015, (ISC)² Benelux, DACH and Dubai SecureSummits 2017). 

 Marc Vael, security, privacy & IT audit executive at Esko.

Marc Vael is currently the security, privacy & IT audit executive at Esko. Marc has 20+ years active experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, BCM/DRP, data protection/privacy and IT Audit. Marc is also president of ISACA Belgium, deputy member of the Flemish Privacy Commission, member of the audit committee at HoGent, board member of SAI and member of the Permanent Stakeholder Group of ENISA. Marc is a passionate speaker, teaching as guest professor at Antwerp Management School, Solvay Brussels School, HOWEST and TIAS. Marc is certified in IT audit (CISA), information security (CISM/CISSP), IT risk management (CRISC), IT governance (CGEIT/ITIL service manager) and certified director (GUBERNA).

Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR (ECommerce Europe Team).

Mina is an expert with vast experience in consulting on legal issues related to Digital Transformation of private companies, as well as the public sector and deals with complex strategic legal matters for a series of clients from diverse market fields like cosmetics, tobacco, fashion industry, petroleum, transportation, electric equipments, Platforms, Applications, Physical Archiving etc. She has vast expertise in the area of data protection and privacy law for more than 15 years ranging from compliance assessments, strategic decision making, implementation of procedures, drafting of key legal documents (Notifications to DPAs, privacy notices to data subjects, consent forms, data processing agreements, data transfer agreements, BCRs, standard contractual clauses, Privacy Policies, Employees Privacy Data Policies etc) to incident handling as well as representing clients in hearings before the local DPA.

At the same time, Mina has consulted the local government on e-government related issues that include complicated issues of security, privacy, digital signature and dematerialization of administration documents. She was a member in the law making committees for the implementation of Directives 2011/83/EU and 2013/11/EU as well as in the drafting of the Consumer Code for Distance Sales and the amendment of law 2251/1994 on consumer protection. She has also participated in many EU funded legal projects that include the assessment of the implementation of diverse EU Directives, the drafting of road maps for future actions and the proposal for amendments to the Commission. Among other key legal issues, those projects inlcluded analytical work on data protection requirements both from a market and from a governance related perspective.

Mina is also a frequent evaluator and reviewer of Horizon 2020 and CEF Telecom Projects as well as member of stakeholders groups of the Commission.

Bruno Horta Soares, CISA, CGEIT, CRISC, PMP, ISACA Lisbon Chapter,  Executive Senior Advisor IDC Portugal.

Bruno has a 5 years degree in Management and Computer Science and more than 15 years of Information Systems professional services experience, particularly in areas related with Governance, Risk, Control, Audit, Information Security & Privacy and Digital Transformation. Started his career at Deloitte Consulting, worked for Information Risk Management area at KPMG and for Enterprise Risk Services area at Deloitte Portugal. In 2012 he found GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor, and since then devoted enthusiastically to advising, teaching and training professional and Organizations in Portugal, Angola, Brazil and Mozambique. Currently actively collaborates with an ecosystem of local and international partners, particularly IDC Portugal where since 2015 he is IT Executive Senior Advisor for Digital Transformation, Governance, Strategy and Security.
He’s advisor and visiting professor at different business and engineering universities in Portugal, Angola and Brasil, founding President of the ISACA Lisbon Chapter, member of several professional associations and keynote speaker at various conferences and seminars.

Xenofon Liapakis, General Manager, CIO & Services of Interamerican Group, Chairman of Hellenic CIO Forum.

Mr. Liapakis graduated from University of Patras with a Bachelor Degree in Mathematics. He is a PhD Candidate at the Department of Computer Engineering & Informatics, University of Patras and his main areas of interests include Business Intelligence, Big data, Project management, Lean methodologies and Business operational excellence etc. For 18 years worked as IT Manager of the Phoenix Metrolife Commercial insurance company. Since April 2008, Mr. Liapakis is the CIO of the Interamerican Group, which is the largest private insurance company in Greece and is part of the Dutch Achmea Group - one of the largest insurance groups in Europe. The following departments are under his responsibility: IT, Client Services, Project Management Office, Policy Administration. Mr. Liapakis is a member of the Executive Board of Interamerican, member of the Achmea’s IT Policy Board of all subsidiaries in Europe and member of the IT Committee of the Association of Insurance Companies of Greece. At the same time, he is serving as the Chairman of the Hellenic CIO forum and he is board member of EUROCIO Association.

Vera Marmalidou, CIA, CRMA, Deputy Director, NBG Group Internal Audit, Chairman IIA Greece, BoD member, European Confederation of Institutes of Internal Auditing (ECIIA), Banking Committee member ECIIA

Verra Marmalidou has extensive experience in Internal Audit. Her areas of expertise also include IA methodology, COSO ERM & Internal Control Integrated framework implementation, Internal Quality assessments, KPIs, many audit activities reviews, RCSAs (Risk & Control Self Assessments) and Auditors’ professional development. She supports all IAUs at the NBG Group in many countries. She is responsible for the EGRC audit toοl (Thomson Reuters). She is also broadly experienced in investment products both sales and consulting since she had been head of the Private Banking sector at NBG Securities for 8 years.  She holds a Bachelor’s degree in Economics and MSC in Finance and Banking. She is Certified Internal Auditor (CIA), she holds Certification in Risk Management Assurance (CRMA) and Derivatives as well as Investment Consultant Certificates.

George Triantafillos, Head of Platform Integration (Leading Business CIO), Nordea

George has more than 15 years’ experience of providing solutions in the banking industry. He joined Nordea in 2006 and has been associated with key transformations and regulatory programmes within the accounting and financial reporting process, performance management and risk management domains by holding different leadership roles. He has experience of working in several data platforms while interacting with a number of technology and consulting partners. He has also experience in managing multi-location and multi-shore teams. Currently, he is a Leading Business CIO on Platform Integration within Banking Technology, with a key mission integrating the new banking platforms to a common data platform. Prior to Nordea he was serving mostly the financial services industry providing solutions expertise in consulting and presales roles.  George is holding M.Sc. In Computer Science from University of Essex and has been recently completed the CIO Academy in Said Business School of University of Oxford. George enjoys dialogues and discussions on enterprise and data architecture as well as delivery and operating models supporting relevant solutions.





CONFERENCE: 18 December 2017

Benaki Museum - 138 Pireos Av. 08.00-18.00

WORKSHOP: 19 & 20 December 2017

Hellenic American Union – 22 Massalias St. 09.00-17.00