Auckland Data Protection & Security Summit 2025

Step into the reality of a major cyber incident with someone who has navigated the storm. This session offers firsthand insights into the true impact of a breach, focusing on:

• Practical experiences and lessons learned
• The profound people impact
• Navigating the challenging aftermath  

‍

Many organisations struggle with unstructured data sprawl, excessive access rights, and a lack of visibility into how sensitive information is used. In this session, Terry will discuss why an identity-centric approach to data governance helps organisations gain control over their data, reduce risk, and ensure compliance—without adding unnecessary complexity.

• Identifying and addressing data risk through an identity-first lens
• Reducing overexposure by mapping and managing user access to sensitive data
• Building sustainable, policy-driven controls for structured and unstructured data environments

‍

With updates to IPP 3A, the introduction of the Consumer Data Right (CDPA), and growing focus on the Digital Identity Services Trust Framework (DISTF), New Zealand organisations face a pivotal moment in privacy compliance. This panel brings together experts to simplify what’s changing, what it means for your organisation, and how to prepare.

• Understanding key changes across IPP 3A, CDPA, and DISTF—and what they mean in practice
• Managing cross-border data transfers under evolving local and international obligations
• Preparing your teams and programs for privacy compliance that goes beyond box-ticking

In this innovative session, attendees will be faced with a series of scenarios that they may face in their roles. Attendees will discuss the possible courses of action with their peers to consider the ramifications of each option before logging their own course of action. 

Results will be tallied and analysed by our session facilitator and results will impact the way the group moves through the activity.

Will we collectively choose the right course of action?

‍

This session explores how TSB Bank is securely adopting GenAI through structured governance, thoughtful implementation, and practical controls. This session explores the steps taken to evaluate new technologies, roll out AI programs, and maintain security and compliance throughout.

• Establishing strong AI governance frameworks before any experimentation begins
• Evaluating GenAI tools for business fit, privacy impact, and security requirements
• Rolling out AI programs with clear guardrails, monitoring, and team guidance

This demo explores how organisations can use automation to stay compliant with evolving global data privacy laws, reduce manual overhead, and respond to regulatory demands with agility and confidence.

• Streamlining compliance processes to reduce administrative burden and improve response times
• Enabling real-time monitoring and alerting to detect and address potential breaches or violations instantly
• Simplifying data privacy management through centralised tools that handle consent, access rights, and data mapping
• Staying ahead of change with automated workflows, reporting dashboards, and continuous updates aligned with global regulations

‍

This panel brings together leaders of security, data, privacy and technology to exchange insights on how to balance stringent security measures with the need for innovation. The discussion will focus on strategies for safeguarding sensitive data, ensuring compliance, and fostering a security-centric culture that drives competitive advantage.

• Developing robust security frameworks that align with business innovation goals
• Implementing advanced threat detection while facilitating seamless data access
• Navigating complex regulatory landscapes without hindering technological advancement
• Cultivating a proactive security culture that empowers innovation across the organisation

‍

Delegates will chose from a list of pertinent peer-to-peer discussion topics focussing on evolving and emerging trends, techniques and technologies

‍

In a digital era where innovation and customer experience drive competitive advantage, data protection leaders face the challenge of safeguarding privacy and building trust while enabling business growth. This session explores how to balance data protection with innovation to deliver exceptional customer experiences without compromising on security.

• Aligning data protection strategies with business innovation goals
• Enhancing customer experience without compromising privacy and trust
• Leveraging privacy by design to achieve competitive edge
• Navigating regulatory compliance amidst rapid technological advancement

‍

In this session, we’ll take a live pulse of the room on six big-picture questions. The results will drive a candid, expert-led discussion on what they reveal about where we are — and where we’re heading.

• In today’s environment, what should be the primary custodian of data?
• What’s the most effective way to influence company-wide behaviour change around data protection?
• Is AI a friend or foe to data governance, security and privacy leaders?
• What's the biggest driver behind current data protection investments?
• What should be the number one data protection investment in the next 18 months?

‍