18 - 20 December, 2017

Data Privacy: a practical approach

6th ISACA Athens Chapter Conference

ISACA Athens Past Events &



Whether you are the CEO, CIO, CISO, or working in IT, IT Audit or operational functions, you face a number of great challenges driven from digital transformation. These challenges have now become a top priority and responsibility: protecting data, comply with new regulations, manage IT risk of digital transformation, managing and controlling your company’s exposure to the cloud. This is only going to become even more challenging with the emergence of artificial intelligence (AI), machine learning and the internet of things (IoT). On our sixth bi-annual chapter conference and workshop, we are going to address emerging trends in regulation, business models and technology in a practical manner and in some detail.

Conference Topics

  • Data privacy. EU’s looming General Data Protection Regulation (GDPR) will go directly into law for all countries within the EU by May 25, 2018. We will try to give a practical approach on what should be done to comply with the new Regulation.

  • Digital transformation. Digital transformation projects require new business models, new skill and potentially re-engineering operating models. They require the right mix of governance and controls to be in place in terms of digital strategy, data privacy requirements and of course digital security.

  • Cloud control. There are a number of risks associated with this significant strategic and organizational change. Data sovereignty is very important and valid concerns are also provider downtime, deleting data off the cloud and getting data back in-house. 

Chair & Keynote Speakers

Conference Chairman: 

Professor Costas Lambrinoudakis, University of Piraeus - Department of Digital Systems Head and Board Member of the Hellenic Data Protection Authority

Keynote Speakers:

  • Yves Le Roux, CISM CISSP, ISACA Privacy Guidance Task Force Chair
  • Dr. Marc Vael, security, privacy & IT audit executive at Esko
  • Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR
  • Bruno Horta Soares, CISA, CGEIT, CRISC, PMP, ISACA Lisbon Chapter,  Executive Senior Advisor IDC Portugal
  • Xenofon Liapakis, General Manager, CIO & Services of Interamerican Group and Chairman of Hellenic CIO Forum

Data Privacy Workshop

A practical approach for IT implementation and compliance

19-20 December 2017, Hellenic American Union

Explore through best practices driven from ISACA’s guidelines and applied projects throughout Europe, what the IT Security, Audit, IT Assurance and Risk professional should know to comply with the new GDPR EU regulation.

Workshop instructors:  Elena Spiropoulou, Accredited Mediator (Legal Session),  Yves Le Roux, Chair of the ISACA Privace Task Force (Technical Session) 


Individual registrations will open on October 25, 2017

Registration Fees





Students (full time)

& Unemployed

Corporate Registrations

(>2 participants)

18 December 2017
Conference only*





18-20 December 2017
Conference and Workshop






*VAT 24% applies on conference fee only

  • Registration to workshop track grants free entrance to Conference.
  • Workshops are VAT exempt.
  • Workshops are sponsored by the 0,24 OAED-LAEK subsidy program (for company-registrations only).
  • In order to guarantee a place on the conference and workshop, delegates are kindly requested to register at least 15 working days prior to the event.

Conference Chairman

Professor Costas Lambrinoudakis, University of Piraeus - Department of Digital Systems Head and Board Member of the Hellenic Data Protection Authority.

Dr. Costas Lambrinoudakis holds a B.Sc. (Electrical and Electronic Engineering) from the University of Salford (1985), an M.Sc. (Control Systems) from the University of London (Imperial College -1986), and a Ph.D. (Computer Science) from the University of London (Queen Mary and Westfield College - 1991). Currently he is a Professor at the Department of Digital Systems, University of Piraeus, Greece. From 1998 until 2009 he has held teaching position with the University of the Aegean, Department of Information and Communication Systems Engineering, Greece. For the period 2012-2015 he was a member of the board of the Hellenic Authority for Communication Security and Privacy, while from 2016 he serves on the board of the Hellenic Data Protection Authority. Finally from 2015 he is Head of the Department of Digital Systems and Director of the Systems Security Lab.
His current research interests are in the areas of Information and Communication Systems Security and of Privacy Enhancing Technologies. For many years he is working on issues related to the protection of personal data and the compliance of information systems to the National and European Legislation. He is an author of more than 100 scientific publications in refereed international journals, books and conferences, most of them on ICT security and privacy protection issues.

Keynote Speakers

Yves Le Roux, CISM CISSP, ISACA Privacy Guidance Task Force Chair.

After his graduation from Paris University in 1970, Yves LE ROUX worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs.   In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int. as a Technology Strategist. In April 2017, he retires from CA Technologies. He has co-authored three books on security. He is a lecturer at ISEP (Paris Graduate Engineering School) and spoke in many conferences (e.g., EUROCACS/ISRM 2015, SEMAFOR 2015 , (ISC)² EMEA Congress 2015, (ISC)² Benelux, DACH and Dubai SecureSummits 2017). 

 Marc Vael, security, privacy & IT audit executive at Esko.

Marc Vael is currently the security, privacy & IT audit executive at Esko. Marc has 20+ years active experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, BCM/DRP, data protection/privacy and IT Audit. Marc is also president of ISACA Belgium, deputy member of the Flemish Privacy Commission, member of the audit committee at HoGent, board member of SAI and member of the Permanent Stakeholder Group of ENISA. Marc is a passionate speaker, teaching as guest professor at Antwerp Management School, Solvay Brussels School, HOWEST and TIAS. Marc is certified in IT audit (CISA), information security (CISM/CISSP), IT risk management (CRISC), IT governance (CGEIT/ITIL service manager) and certified director (GUBERNA).

Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR.

Mina is an expert with vast experience in consulting on legal issues related to Digital Transformation of private companies, as well as the public sector and deals with complex strategic legal matters for a series of clients from diverse market fields like cosmetics, tobacco, fashion industry, petroleum, transportation, electric equipments, Platforms, Applications, Physical Archiving etc. She has vast expertise in the area of data protection and privacy law for more than 15 years ranging from compliance assessments, strategic decision making, implementation of procedures, drafting of key legal documents (Notifications to DPAs, privacy notices to data subjects, consent forms, data processing agreements, data transfer agreements, BCRs, standard contractual clauses, Privacy Policies, Employees Privacy Data Policies etc) to incident handling as well as representing clients in hearings before the local DPA.

At the same time, Mina has consulted the local government on e-government related issues that include complicated issues of security, privacy, digital signature and dematerialization of administration documents. She was a member in the law making committees for the implementation of Directives 2011/83/EU and 2013/11/EU as well as in the drafting of the Consumer Code for Distance Sales and the amendment of law 2251/1994 on consumer protection. She has also participated in many EU funded legal projects that include the assessment of the implementation of diverse EU Directives, the drafting of road maps for future actions and the proposal for amendments to the Commission. Among other key legal issues, those projects inlcluded analytical work on data protection requirements both from a market and from a governance related perspective.

Mina is also a frequent evaluator and reviewer of Horizon 2020 and CEF Telecom Projects as well as member of stakeholders groups of the Commission.

Bruno Horta Soares, CISA, CGEIT, CRISC, PMP, ISACA Lisbon Chapter,  Executive Senior Advisor IDC Portugal.

Bruno has a 5 years degree in Management and Computer Science and more than 15 years of Information Systems professional services experience, particularly in areas related with Governance, Risk, Control, Audit, Information Security & Privacy and Digital Transformation. Started his career at Deloitte Consulting, worked for Information Risk Management area at KPMG and for Enterprise Risk Services area at Deloitte Portugal. In 2012 he found GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor, and since then devoted enthusiastically to advising, teaching and training professional and Organizations in Portugal, Angola, Brazil and Mozambique. Currently actively collaborates with an ecosystem of local and international partners, particularly IDC Portugal where since 2015 he is IT Executive Senior Advisor for Digital Transformation, Governance, Strategy and Security.
He’s advisor and visiting professor at different business and engineering universities in Portugal, Angola and Brasil, founding President of the ISACA Lisbon Chapter, member of several professional associations and keynote speaker at various conferences and seminars.

Xenofon Liapakis, General Manager, CIO & Services of Interamerican Group, Chairman of Hellenic CIO Forum.

Mr. Liapakis graduated from University of Patras with a Bachelor Degree in Mathematics. He is a PhD Candidate at the Department of Computer Engineering & Informatics, University of Patras and his main areas of interests include Business Intelligence, Big data, Project management, Lean methodologies and Business operational excellence etc. For 18 years worked as IT Manager of the Phoenix Metrolife Commercial insurance company. Since April 2008, Mr. Liapakis is the CIO of the Interamerican Group, which is the largest private insurance company in Greece and is part of the Dutch Achmea Group - one of the largest insurance groups in Europe. The following departments are under his responsibility: IT, Client Services, Project Management Office, Policy Administration. Mr. Liapakis is a member of the Executive Board of Interamerican, member of the Achmea’s IT Policy Board of all subsidiaries in Europe and member of the IT Committee of the Association of Insurance Companies of Greece. At the same time, he is serving as the Chairman of the Hellenic CIO forum and he is board member of EUROCIO Association.



CONFERENCE: 18 December 2017

Benaki Museum - 138 Pireos Av. 08.00-18.00

WORKSHOP: 19 & 20 December 2017

Hellenic American Union – 22 Massalias St. 09.00-17.00