Vector Search -An Introduction in Oracle Database 23ai.pptx
(Mis)trust in the cyber era
1. Information Security Summit 2013
October 23rd 2013 @ Hong Kong
(Mis)trust in the Cyber Era
Albert Hui GREM, GCFA, GCFE, GCIA, GCIH, GXPN, GPEN, GAWN, GSNA, CISA
Principal Consultant
2. Who Am I?
Albert Hui
GREM, GCIA, GCIH, GCFA, GCFE,
GPEN, GXPN, GAWN, GSNA, CISA
SANS Advisory Board Member
GRC Consultant for Banks,
Government and Critical
Infrastructures.
Spoken at Black Hat, HTCIA-AP,
and
Economist Corporate Network.
Former HKUST lecturer.
8. Sad but True
“If you expect a cloud provider to do anything more
interesting than simply store your files for you and
give them back to you at a later date, they are
going to have to have access to the plaintext.”
Bruce Schneier
19. Reality
RISK OUTSOURCING
TRUST OUTSOURCING
1.
Assess risks
1.
Transfer trust
2.
Treat some risks
2.
3.
Terminate some risks
4.
Tolerate some risks
Trust that transferee is
trustworthy (secure, reliable
and aligns with your
risk appetite & risk strategy)
5.
Transfer remaining risks
24. Recap
“If you expect a cloud provider to do anything more
interesting than simply store your files for you and
give them back to you at a later date, they are
going to have to have access to the plaintext.”
Bruce Schneier