Vanessa Henri has been working in data privacy for 10 years. As a lawyer, she approaches data differently than most of us. So on today's episode of 10 Questions to Cyber Resilience, we wanted to pick her brain about her perspective of data privacy as a lawyer and where Canada is headed in terms of laws and compliance.

In this episode, Vanessa Henri from Henri and Wolf, and co-founder of Assurance IT, Luigi Tiano, discuss:

1. Using due diligence to grow an organization
2. The relationship between legal and IT
3. One strategy to get more cyber security budget
4. Is Canada behind on data privacy laws?
5. Defining C27 and what it could mean for Canada
6. Will C26 and C27 be passed as laws?
7. How AI fits into new legislation
8. Why consumers are scared of AI
9. How to start implementing AI in your business

Resources:

Watch the episode: https://youtu.be/ng2SQk2OBi8

Vanessa Henri’s LinkedIn: https://www.linkedin.com/in/vanessahenri/

Henri & Wolf website: https://henriwolf.law/

Luigi Tiano’s LinkedIn: https://www.linkedin.com/in/luigitiano/

Assurance IT Website: http://www.assuranceit.ca/

About Vanessa Henri:

"I work with emerging growth organizations to help them articulate a data governance strategy taking into consideration data privacy, information security, intellectual property, and ethics. I bring value and a competitive edge to data-driven organizations by helping them to manage their legal risks, enhance consumers trust and fast-forward the adoption of disruptive technologies through trust-by-design. I have an extensive experience negotiating and drafting tech agreements with data governance implications (including data acquisition, derivative data management and contracts involving data analytics and anonymization requirements), and enjoy working with entrepreneurs to build contractual structures that reflect their business strategies. I am fascinated by ethical innovation, the economic value of trust, and nurturing purpose-driven organizations.

Organizations reach out to me to understand the legal impacts of their strategy for managing and securing their information assets, which may include trade secrets, intellectual property and personal information, and for advices on how to improve governance, risk management and decision making regarding such informational assets. I also work with organizations on issues of economic cyber-espionage and national security impacts. The organizations I work with are principally in the field of emerging technologies, cybersecurity and data-driven industries, including IIoT.

I am a member of the Quebec Bar Association, a Certified Data Protection Officer ("CDPO") and a Senior Lead Implementor for ISO 27701 (Privacy Information Management System), with a proven track record of helping organizations of all sizes and industries implementing compliance measures for their informational assets, including through privacy-by-design in emerging technologies. I have experience deploying information management systems for organizations of all sizes by drafting policies, procedures and establishing risk management methodologies. I perform risk assessments and audits to prepare organizations for certification or for new compliance obligations, or for pre-market validation requirements.

I speak frequently in conferences and podcasts, and I contribute to blogs, posts and articles on an ongoing basis. I am involved in the cause of women in cybersecurity and entrepreneurship. I've recently been honored as part of Top 20 Cybersecurity Women Canada."

- Vanessa Henri

About 10 Questions to Cyber Resilience:

Twice per month, learn about how IT leaders are strengthening their cyber security practices. Every episode comprises of 10 questions that get you one step closer to cyber resilience. Subscribe to stay up-to-date with hot topics in cyber security.

About Assurance IT:

Assurance IT (www.assuranceit.ca) specializes in data protection and data privacy for the mid-market in Canada, since 2011. The Montreal-based company’s unique approach to helping customers become cyber resilient is called the PPR Methodology which stands for Prepare, Protect and Recover. Based on industry best practices, the PPR Methodology is an easier way to achieve cyber security and compliance objectives.