Dr Susan Bennett
PhD, LLM (Hons), MBA, FGIA, FIP, CIPP/E, CIPT
Principal & Director
M: +61 (2) 8226 8682
E: susan.bennett@sibenco.com
Connect with Susan on LinkedIn
Overview
Susan is the Principal of Sibenco Legal & Advisory and Founder & Executive Director of Information Governance ANZ (InfoGovANZ). With thirty years of experience as a lawyer and advisor, Susan works closely with corporate and government clients to deliver tailored legal and risk management solutions that meet client needs and strategic objectives.
Prior to establishing Sibenco, for many years Susan led large litigation cases and inquiries involving the production of large volumes of documents/data. She draws on her deep commercial and litigation expertise to deliver responsive risk management solutions for effective information governance and regulatory compliance, particularly in data privacy and information security, cross border data protection and critical incident planning and response.
Susan founded InfoGovANZ in 2016 to break down the ‘information silos’ she observed among professionals, to enable more connected thinking and innovation for Information Governance best practice and help drive more holistic solutions, particularly for data privacy, information security and cybersecurity. Information Governance is the policies, procedures, technologies and culture that organisations build to maximise the value of data and information while minimising the associated risks and costs. For more information – visit www.infogovanz.com.
Susan’s PhD thesis is on Privacy and Data Protection: the interaction of meta-regulation and information governance. Susan holds a Master of Business Administration and a Master of Laws and is a Certified Information Privacy Professional – Europe (CIPP/E) and a Certified Information Privacy Technologist (CIPT). Susan is a Fellow of the Governance Institute of Australia (FGIA), a Fellow of the International Association of Privacy Professionals (FIP), a member of the Asian Privacy Scholars Network (APSN), a member and graduate of the Australian Institute of Company Directors (AICD).
Areas of Expertise
Susan delivers strategic, practical and responsive advice to organisations in:
- Information and Data Governance – frameworks and policies to achieve regulatory compliance reducing risks and maximising the value of data using data-driven technologies.
- Data Minimisation – improving information lifecycle management through policy, people and technology alignment of data collection, management, record retention and disposal.
- Privacy and Data Breach – policies and procedures to comply with privacy requirements, PIAs, privacy-by-design, critical incident planning and data breach response.
- Data Impact Assessments including ethical frameworks using technology and AI.
- Corporate Governance – integrated risk management and governance frameworks, policies and procedures to improve information flows to the Board and to achieve organisational objectives.
- Investigations and Reviews – providing independent workplace reviews and reports.
- Workshops and Presentations – helping Boards and senior executives achieve strategic objectives and reduce risks arising from the intersection of data, technology and regulatory compliance.
Speaking Engagements
- Panelist, Best Practices for Building and Enforcing Global Retention Schedules, (virtual), IAPP (U.S.), March 2024
- Presentation, Data Privacy and Cybersecurity, In-House Conference: Managing Risk, Sydney, Legalwise, March 2024
- Co-presentation, AI Risks, Failures and Consequences: Corporate Governance for the AI Era, Society of Corporate Law Academic Conference, February 2024
- Presentation, Cybersecurity: Lessons from high-profile data breaches, InfoGovANZ, December 2023
- Presentation, Information Governance Keys to Success, InfoGovANZ, November 2023
- Presentation, AI Regulations, Frameworks and Standards: The Governance Challenge for Organisations, London (virtual presentation), Information Law and Policy Centre, University of London, Human in the Machine: Digital Rights and AI, November 2023
- Presentation, Information Security: improving cybersecurity defences through governance, Australia-India Cybersecurity Leaders International Symposium, Sydney, September 2023
- Co-presentation, AI Risks in the Financial Sector: Consequences for Companies and Directors, The University of Sydney, Law School, Sydney, August 2023
- Moderator, Is Information Governance Still Stressing Your Organisation in 2023? American Bar Association Cross Border Institute, Paris, July 2023
- Presentation, AI and Privacy Risks in the Financial Sector: Consequences for Companies and Directors, Privacy, Law and Business Conference, St John’s College, Cambridge, July 2023
- Presentation, AI and Data: Key Issues for Directors, Women on Boards, June 2023
- Information Awareness Month Launch, Presentation on IG Industry Report and Trends, May 2023
- Moderator, Australian Privacy Commissioners’ Forum, Privacy Awareness Week, OVIC, May 2023
- Moderator, What are the risks for organisations using Chat GPT and similar technology?, InfoGovANZ, March 2023
- Moderator, Reducing discovery costs in litigation & the new EDRM Dupe ID Specification, InfoGovANZ, March 2023
Click here for more speaking engagements
Publications
- Dark Data – the risks, costs and ESG
- The use of WhatsApp and messaging record-keeping failures: the massive fines keep coming
- Information Lifecycle Management: what is it and how it reduces risk?
- Optus Data Breach – the risks of data over-retention
- The Primer on eDiscovery in the Asia Pacific (APAC) Region
- The Information Governance Primer – a comprehensive guide to build and improve information governance within organisations
Click here for more articles and publications
Qualifications
Tertiary Education
- Doctor of Philosophy (PhD), University of Sydney (2023)
- Master of Business Administration (Exec), AGSM (2003)
- Master of Laws (Hons), University of Sydney (1999)
- Diploma of Legal Practice, University of Technology Sydney
- Bachelor of Laws, University of Tasmania
Professional education
- Certified Information Privacy Technologist – CIPT (2023)
- Certified Information Privacy Professional – CIPP/E (2018)
- Legal Lean Sigma® and Project Management (2014)
- Leading Professional Services Firms, Harvard Business School (2011)
- Company Directors Course (GAICD), AICD (2007)
Practising Certificate & Admissions
- Unrestricted Practising Certificate New South Wales, Australia
- Supreme Court of New South Wales
- Federal Court of Australia and High Court of Australia
Professional Associations
- Australian Institute of Company Directors (GAICD)
- Asian Privacy Scholars Network (APSN)
- EDRM Global Advisory Council
- Fellow of the Governance Institute of Australia (FGIA)
- Fellow of the International Association of Privacy Professionals (FIP)
- New South Wales Law Society
- Sedona Conference® Working Group 6 – International Electronic Information Management, Discovery and Disclosure
- Sedona Conference® Working Group 11 – Data Security and Privacy Liability
Career overview
Sibenco Legal & Advisory | Principal and Director (2012 to date) |
InfoGovANZ | Founder and Director (2016 to date) |
Sparke Helmore | Sydney Managing Partner (2010-2011) Partner and National Group Leader, Commercial Litigation & Dispute Resolution Group and the Legal Technology Support Group (2003-2011) |
Consultant | Consultant on large high-profile commercial litigation disputes (2000-2002) |
Middletons (now K&L Gates) | Senior Associate, Dispute Resolution and Commercial Litigation Group (1997-2000) |
Phillips Fox (now DLA Piper) | Solicitor, Construction Group (1995-1997) |