SlideShare a Scribd company logo

Maturing Your Organization's Information Risk Management Strategy

Privacera
Privacera

As organizations grow, they face more risks associated with the security and protection of sensitive data. Organizations struggling to navigate the different stages of business need to be sensitive to the increasing maturity necessary to support increasing demands for data governance and information risk management. Learn about: ▪ Four different stages of the maturity curve ▪ Assessing data sensitivity and classifying data assets ▪ Access controls and data protection ▪ Interpreting policies and determining their impact on information management ▪ Determining the impact of data protection policies on information management practices ▪ Automating policy compliance auditing ▪ Maintaining governance consistency across the hybrid data enterprise Watch the on-demand webinar here: https://tdwi.org/webcasts/2021/03/arch-all-maturing-your-organizations-information-risk-management-strategy.aspx with TDWI Speaker: David Loshin, President of Knowledge Integrity and guest speaker Bill Brooks, Director of Solutions Engineering, Privacera (www.privacera.com)

Technology
1 of 34
Download to read offline
March 30, 2021 Maturing Your Organization’s Information Risk Management Strategy David Loshin President, Knowledge Integrity Program Director, Master of Information Management, University of Maryland
OUR SPONSOR 2
DAVID LOSHIN President, Knowledge Integrity, Inc. Program Director, Master of Information Management, University of Maryland
Information Risk – A Definition • According to Wikipedia there are several definitions of risk, including: – “Risk is the potential for uncontrolled loss of something of value.” – “(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility.” • “Risk” affects the way that a business operates: – Inhibits quality excellence – Has an effect on project objectives – Threat of quantifiable damage, injury, loss, liability, or other negative occurrence that may be avoided through preemptive action • Information risk would be the potential for loss of value due to issues associated with managing information
Information Risk & Governance Maturity • Understanding stages of a governance maturity curve help to empower the organization identify systemic risks – Rudimentary – Proficient – Advanced – Sophisticated Operational risk Financial risk Customer risk Reputation risk Compliance risk
Data Sensitivity • Growing recognition of risks of exposing individuals’ personal and private information – Emerging indignance over corporations using and selling what is believed to be personal or private information – Increasing number and volume of data breaches – Expanding interest of governmental intervention and protection • A growing inventory of global regulations address the need to secure and protect individuals’ personal and private data • Growing awareness of the general concepts of protection of “sensitive” data
Classifying Data Sensitivity dloshin@umd.edu Confidential data Controlled unclassified data Export-controlled data IT security data Government classified data Sensitive corporate data Chain of custody data Personal data
Data Sensitivity Assessment & Classification • Assessment – Data discovery to determine if the asset contains potentially sensitive data • Classification – Within the context of defined policies, assign one or more sensitivity classifications to the data asset by data attribute
Formalize Approaches to Platform-wide Data Controls Data Owners Data to be shared Classifications PHI PII FINANCIAL_DATA … Roles Claims_Processor Fraud_Analyst Finance_Analyst … Assess sensitivity Define classifications Specify roles Determine privileges Define conceptual data policies Conceptual Policies Claims_Processor may access FINANCIAL_DATA Fraud_Analyst may access PII … Translate conceptual data policies to target systems 1 2 3
Interpreting Policies and Assessing Governance Impact GDPR’s Right to Erasure At what point do you determine that personal data are no longer necessary for the purposes for which they were collected? How does your organization “manage consent”? What does it mean to “erase” data? Is the default to erase data that are no longer necessary? How do you keep track of the controllers? How do you notify them? How do you locate all links, copies, replications within your own organization? How do you convey obligations to other controllers?
Automate Policy Compliance and Auditing Data Consumer Data Consumer Data Consumer Data Consumer Centralized Policy Portal Enterprise Identity Access Management Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Row-level & column-level data protection
Ensuring Consistency in Governance • Complexity of governance increases with the intricacy of the data architecture • The plethora of applications, each with its own data access control, masking, and data protection techniques adds to the complexity • Formalize a standard for data policy management, deployment, and auditing
Considerations • Data protection is a critical component of an information risk management program • The inability to ensure auditability of compliance creates vulnerabilities that are difficult to overcome • Institute governance maturity assessment to support increasing demand for definition, implementation, monitoring, auditing, and reporting of data controls for policy compliance
BILL BROOKS Director, Solution Engineering Privacera
SIMPLIFY DATA ACCESS GOVERNANCE Presented by: William Brooks 2021 Enabling enterprises to responsibly use their data in the cloud Powered by Apache Ranger
GOVERNANCE BLIND SPOT
Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment
AUTOMATED DATA DISCOVERY Assess data sensitivity and classify accordingly
AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection ENTERPRISE-GRADE ENCRYPTION
AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL COMPLIANCE WORKFLOWS Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment ENTERPRISE-GRADE ENCRYPTION
AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL COMPLIANCE WORKFLOWS Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment ENTERPRISE-GRADE ENCRYPTION
THE LEADER IN DATA GOVERNANCE 2012 2014 2015 2016 2017 PRESENT XA Secure Founded Apache Atlas data governance Privacera Platform GA XA Secure acquired by Hortonworks, open source Apache Ranger Privacera founded Multiple Fortune 100 companies Founded in 2016 by the creators of Apache Ranger and Apache Atlas Proven at scale in 2000+ production environments Experienced and accomplished innovators in data and cloud governance. Partner of Databricks, Snowflake, Amazon Web Services and Microsoft
Sensitive Data Discovery - Dashboard
Sensitive Data Discovery - Data Classification
Define Tags Configure Matching Define Rules Register Data Sources Configure Scanning Configure Workflows EMAIL PERSON_NAME PAYMENT_CARD_NU M MRN DATE_OF_BIRTH Keywords Lookups Patterns Heuristic Models Machine Learning Structured Tag Mapping Unstructured Mapping Post-Processing Groups JDBC Connections Bucket/Container HDFS Database/Schema/Table Path/Filename Include/Exclude Scheduling Near-Realtime Scanning Redaction Encryption Expunging Right to be Forgotten Archival Alerts ADDRESS LINKED_PII Keywords: (ADDR, STREET, APT, ADDRESS…) Lookups: (St, Ln, Blvd, Dr…) Patterns: (?:W|_|^)(d+(s[A- Z0- 9.]+?){1,3}s(?:W|_ |$) rule_street_address: Must Have: c_STREET_ADDRESS AUTO_YES_SCORE Tag: UK_ADDRESS gdpr_linked_pii: classify UK_ADDRESS as LINKED_PII AWS account 34984438 jdbc:postgresql://myd b.privacynth.com:5432 /customer jdbc:postgresql://myd b.privacynth.com:5432 /sales s3://mybycket/custome r_data S3://cust_uploads/inb ound customer/*/* sales/account/* Uploads Zone ● Disallow PII ● Encrypt and Quarantine Operations Zone ● RTBF Requests ● Disallow S3 data movement to Uploads What are we looking for? How do we identify the data? When do we apply the tags and classifications? Where do we look for sensitive data? What resources should we scan? What do we do when we find sensitive data? Discovery Configuration
CENTRALIZED ACCESS CONTROL Simplify and streamline access control • Single pane of glass integrates piecemeal processes • Federated authentication across multiple systems • Easily apply policies across multiple cloud services Uncover data across multiple cloud services • Avoids exponential proliferation of policies • Apache Ranger based architecture • Scalable to millions of petabytes of data Easy, consistent data sharing and compliance • Easily enable GDPR, CCPA, HIPAA compliance • Manage data distributed across multiple cloud databases, analytics platforms, reporting systems and geographies
CENTRALIZED ACCESS CONTROL • Single pane of glass across all services – cloud & on-prem (Google, AWS, Azure, EMC, ECS etc) • Architected for cloud scale and performance • Dynamic control based on roles, data, metadata
AUTOMATE COMPLIANCE WORKFLOWS Accelerate Data Transformation • Easily share data within privacy constraints • Streamline processes for the right to be forgotten (RTBF), right to erasure, and right to access • Reduce coding and expertise required to ensure compliance Easily Apply Consistent Policies • Replaces piecemeal processes and • Limit exponential policy proliferation Single Integrated System • Easily enable GDPR, CCPA, HIPAA, LGPD compliance • Consistent policies on-prem and in the cloud
SELF-SERVICE ACCESS REQUESTS • Self-service requests by data resource, classification, tag, project, or role • Integrates with provisioning and workflow management tools • Logged and centrally auditable, end-to-end
SCALABLE DATA GOVERNANCE Efficient and automated data sharing • Simplified, streamlined data compliance processes • Consistent tagging, monitoring, auditing and reporting • Streamlined policy creation and enforcement Single pane of glass simplifies security • Comprehensive visibility across cloud services • Centralized, fine-grained access control • Proven scalability leveraging Apache Ranger Automated data transformation • Enforce consistent implementation across geographies • Automate processes for RTBF, GDPR and CCPA
William Brooks Director, Solution Engineering william.brooks@privacera.com www.linkedin.com/in/wbrooks @wcbdata Enabling enterprises to responsibly use their data in the cloud Powered by Apache Ranger
QUESTIONS? tdwi.org
CONTACT INFORMATION If you have further questions or comments: David Loshin, Knowledge Integrity, Inc. loshin@knowledge-integrity.com Bill Brooks, Privacera william.brooks@privacera.com tdwi.org
Thanks to Our Sponsor 3

Recommended

The Economic Value of Data: A New Revenue Stream for Global Custodians
The Economic Value of Data: A New Revenue Stream for Global CustodiansThe Economic Value of Data: A New Revenue Stream for Global Custodians
The Economic Value of Data: A New Revenue Stream for Global CustodiansCognizant
 
Closing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsClosing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsPrivacera
 
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...Vasu S
 
Evtm 281 07_bi2015_infographic_r2h
Evtm 281 07_bi2015_infographic_r2hEvtm 281 07_bi2015_infographic_r2h
Evtm 281 07_bi2015_infographic_r2hNadia Smith
 
Five Elements of Effective Data Access Governance
Five Elements of Effective Data Access Governance Five Elements of Effective Data Access Governance
Five Elements of Effective Data Access Governance Privacera
 
Data Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceData Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceAlation
 
Why You Need to Govern Big Data
Why You Need to Govern Big DataWhy You Need to Govern Big Data
Why You Need to Govern Big DataIBM Analytics
 
Data Catalog as a Business Enabler
Data Catalog as a Business EnablerData Catalog as a Business Enabler
Data Catalog as a Business EnablerSrinivasan Sankar
 

Recommended

The Economic Value of Data: A New Revenue Stream for Global Custodians
The Economic Value of Data: A New Revenue Stream for Global CustodiansThe Economic Value of Data: A New Revenue Stream for Global Custodians
The Economic Value of Data: A New Revenue Stream for Global CustodiansCognizant
 
Closing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsClosing the Governance Gap - Enabling Governed Self-Service Analytics
Closing the Governance Gap - Enabling Governed Self-Service AnalyticsPrivacera
 
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...
TDWI Checklist - The Automation and Optimization of Advanced Analytics Based ...Vasu S
 
Evtm 281 07_bi2015_infographic_r2h
Evtm 281 07_bi2015_infographic_r2hEvtm 281 07_bi2015_infographic_r2h
Evtm 281 07_bi2015_infographic_r2hNadia Smith
 
Five Elements of Effective Data Access Governance
Five Elements of Effective Data Access Governance Five Elements of Effective Data Access Governance
Five Elements of Effective Data Access Governance Privacera
 
Data Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceData Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceAlation
 
Why You Need to Govern Big Data
Why You Need to Govern Big DataWhy You Need to Govern Big Data
Why You Need to Govern Big DataIBM Analytics
 
Data Catalog as a Business Enabler
Data Catalog as a Business EnablerData Catalog as a Business Enabler
Data Catalog as a Business EnablerSrinivasan Sankar
 
Complying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataComplying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataPrecisely
 
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipelineQlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipelineSrikanth Sharma Boddupalli
 
Information Security Forum (ISF) Congress 2013
Information Security Forum (ISF) Congress 2013 Information Security Forum (ISF) Congress 2013
Information Security Forum (ISF) Congress 2013 NIHR Clinical Research Network
 
Enterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for HealthcareEnterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for HealthcareDATA360US
 
Chief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - PresentationChief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - PresentationSrinivasan Sankar
 
Gartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit BrochureGartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit BrochureNadia Smith
 
Sgcp14dunlea
Sgcp14dunleaSgcp14dunlea
Sgcp14dunleaJustin Hayward
 
From information to intelligence
From information to intelligence From information to intelligence
From information to intelligence Srini Koushik
 
Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013 Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013 IBM Sverige
 
Choosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your BusinessChoosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your BusinessChicago Hadoop Users Group
 
Case Study For Data Governance Portal
Case Study For Data Governance PortalCase Study For Data Governance Portal
Case Study For Data Governance PortalMike Taylor
 
000 introduction to big data analytics 2021
000 introduction to big data analytics 2021000 introduction to big data analytics 2021
000 introduction to big data analytics 2021Dendej Sawarnkatat
 
AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013Patricia A Gilson
 
Analytics 3.0: Opportunities for Healthcare
Analytics 3.0: Opportunities for HealthcareAnalytics 3.0: Opportunities for Healthcare
Analytics 3.0: Opportunities for HealthcareInternational Institute for Analytics
 
Top 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy TechnologiesTop 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy TechnologiesTyrone Systems
 
ADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data ArchitectureADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data ArchitectureDATAVERSITY
 
IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...IBM (Middle East and Africa)
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeStefan Kühn
 
Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Jean-Michel Franco
 
Accelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data VirtualizationAccelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data VirtualizationDenodo
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsDrew Madelung
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxAlistair Pugin
 

More Related Content

What's hot

Complying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataComplying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataPrecisely
 
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipelineQlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipelineSrikanth Sharma Boddupalli
 
Enterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for HealthcareEnterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for HealthcareDATA360US
 
Chief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - PresentationChief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - PresentationSrinivasan Sankar
 
Gartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit BrochureGartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit BrochureNadia Smith
 
From information to intelligence
From information to intelligence From information to intelligence
From information to intelligence Srini Koushik
 
Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013 Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013 IBM Sverige
 
Choosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your BusinessChoosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your BusinessChicago Hadoop Users Group
 
Case Study For Data Governance Portal
Case Study For Data Governance PortalCase Study For Data Governance Portal
Case Study For Data Governance PortalMike Taylor
 
000 introduction to big data analytics 2021
000 introduction to big data analytics 2021000 introduction to big data analytics 2021
000 introduction to big data analytics 2021Dendej Sawarnkatat
 
AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013Patricia A Gilson
 
Top 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy TechnologiesTop 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy TechnologiesTyrone Systems
 
ADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data ArchitectureADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data ArchitectureDATAVERSITY
 
IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...IBM (Middle East and Africa)
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeStefan Kühn
 
Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Jean-Michel Franco
 
Accelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data VirtualizationAccelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data VirtualizationDenodo
 

What's hot (20)

Complying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and DataComplying with Cybersecurity Regulations for IBM i Servers and Data
Complying with Cybersecurity Regulations for IBM i Servers and Data
 
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipelineQlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
Qlik wp 2021_q3_data_governance_in_the_modern_data_analytics_pipeline
 
Information Security Forum (ISF) Congress 2013
Information Security Forum (ISF) Congress 2013 Information Security Forum (ISF) Congress 2013
Information Security Forum (ISF) Congress 2013
 
Enterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for HealthcareEnterprise Analytics: Serving Big Data Projects for Healthcare
Enterprise Analytics: Serving Big Data Projects for Healthcare
 
Chief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - PresentationChief Data & Analytics Officer Fall Boston - Presentation
Chief Data & Analytics Officer Fall Boston - Presentation
 
Gartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit BrochureGartner Business Intelligence & Analytics Summit Brochure
Gartner Business Intelligence & Analytics Summit Brochure
 
Sgcp14dunlea
Sgcp14dunleaSgcp14dunlea
Sgcp14dunlea
 
From information to intelligence
From information to intelligence From information to intelligence
From information to intelligence
 
Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013 Building Confidence in Big Data - IBM Smarter Business 2013
Building Confidence in Big Data - IBM Smarter Business 2013
 
Choosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your BusinessChoosing the Right Big Data Architecture for your Business
Choosing the Right Big Data Architecture for your Business
 
Case Study For Data Governance Portal
Case Study For Data Governance PortalCase Study For Data Governance Portal
Case Study For Data Governance Portal
 
000 introduction to big data analytics 2021
000 introduction to big data analytics 2021000 introduction to big data analytics 2021
000 introduction to big data analytics 2021
 
AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013AWC Career Bootcamp- August 21, 2013
AWC Career Bootcamp- August 21, 2013
 
Analytics 3.0: Opportunities for Healthcare
Analytics 3.0: Opportunities for HealthcareAnalytics 3.0: Opportunities for Healthcare
Analytics 3.0: Opportunities for Healthcare
 
Top 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy TechnologiesTop 3 Hot Data Security And Privacy Technologies
Top 3 Hot Data Security And Privacy Technologies
 
ADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data ArchitectureADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
ADV Slides: When and How Data Lakes Fit into a Modern Data Architecture
 
IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...IBM Software Day 2013. Smarter analytics and big data. building the next gene...
IBM Software Day 2013. Smarter analytics and big data. building the next gene...
 
Data quality - The True Big Data Challenge
Data quality - The True Big Data ChallengeData quality - The True Big Data Challenge
Data quality - The True Big Data Challenge
 
Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...Enacting the data subjects access rights for gdpr with data services and data...
Enacting the data subjects access rights for gdpr with data services and data...
 
Accelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data VirtualizationAccelerating Fast Data Strategy with Data Virtualization
Accelerating Fast Data Strategy with Data Virtualization
 

Similar to Maturing Your Organization's Information Risk Management Strategy

Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsDrew Madelung
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxAlistair Pugin
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?Albert Hoitingh
 
FDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceFDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceArmin Torres
 
FDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceFDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceArmin Torres
 
From Compliance to Customer 360: Winning with Data Quality & Data Governance
From Compliance to Customer 360: Winning with Data Quality & Data GovernanceFrom Compliance to Customer 360: Winning with Data Quality & Data Governance
From Compliance to Customer 360: Winning with Data Quality & Data GovernancePrecisely
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTuan Phan
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security Governance
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security GovernanceCloudExpo 2015NewYork: Turning The Corner on Cloud Data Security Governance
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security GovernanceEvelyn de Souza
 
Operational Risk Management Data Validation Architecture
Operational Risk Management Data Validation ArchitectureOperational Risk Management Data Validation Architecture
Operational Risk Management Data Validation ArchitectureAlan McSweeney
 
Data Science Salon 2018 - Building a true enterprise data governance platform...
Data Science Salon 2018 - Building a true enterprise data governance platform...Data Science Salon 2018 - Building a true enterprise data governance platform...
Data Science Salon 2018 - Building a true enterprise data governance platform...Data Con LA
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
 
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...DataWorks Summit/Hadoop Summit
 
DoD Data Quality Challenges
DoD Data Quality ChallengesDoD Data Quality Challenges
DoD Data Quality ChallengesJay j
 
Five Things to Consider About Data Mesh and Data Governance
Five Things to Consider About Data Mesh and Data GovernanceFive Things to Consider About Data Mesh and Data Governance
Five Things to Consider About Data Mesh and Data GovernanceDATAVERSITY
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftAppsian
 
Strata NYC 2015 - Transamerica and INFA v1
Strata NYC 2015 - Transamerica and INFA v1Strata NYC 2015 - Transamerica and INFA v1
Strata NYC 2015 - Transamerica and INFA v1Vishal Bamba
 

Similar to Maturing Your Organization's Information Risk Management Strategy (20)

Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
 
Top 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptxTop 10 use cases for Microsoft Purview.pptx
Top 10 use cases for Microsoft Purview.pptx
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
 
FDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceFDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection Intelligence
 
FDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection IntelligenceFDA News Webinar - Inspection Intelligence
FDA News Webinar - Inspection Intelligence
 
From Compliance to Customer 360: Winning with Data Quality & Data Governance
From Compliance to Customer 360: Winning with Data Quality & Data GovernanceFrom Compliance to Customer 360: Winning with Data Quality & Data Governance
From Compliance to Customer 360: Winning with Data Quality & Data Governance
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security Authorization
 
Data Governance for Enterprises
Data Governance for EnterprisesData Governance for Enterprises
Data Governance for Enterprises
 
One name unify them all
One name unify them allOne name unify them all
One name unify them all
 
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security Governance
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security GovernanceCloudExpo 2015NewYork: Turning The Corner on Cloud Data Security Governance
CloudExpo 2015NewYork: Turning The Corner on Cloud Data Security Governance
 
Operational Risk Management Data Validation Architecture
Operational Risk Management Data Validation ArchitectureOperational Risk Management Data Validation Architecture
Operational Risk Management Data Validation Architecture
 
Data Science Salon 2018 - Building a true enterprise data governance platform...
Data Science Salon 2018 - Building a true enterprise data governance platform...Data Science Salon 2018 - Building a true enterprise data governance platform...
Data Science Salon 2018 - Building a true enterprise data governance platform...
 
Microsoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance UpdatesMicrosoft Office 365 Security and Compliance Updates
Microsoft Office 365 Security and Compliance Updates
 
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
A Tale of Two Regulations: Cross-Border Data Protection For Big Data Under GD...
 
DoD Data Quality Challenges
DoD Data Quality ChallengesDoD Data Quality Challenges
DoD Data Quality Challenges
 
Five Things to Consider About Data Mesh and Data Governance
Five Things to Consider About Data Mesh and Data GovernanceFive Things to Consider About Data Mesh and Data Governance
Five Things to Consider About Data Mesh and Data Governance
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
 
Strata NYC 2015 - Transamerica and INFA v1
Strata NYC 2015 - Transamerica and INFA v1Strata NYC 2015 - Transamerica and INFA v1
Strata NYC 2015 - Transamerica and INFA v1
 

More from Privacera

Fortifying Data Access and Security Controls to Accelerate Cloud Migration
Fortifying Data Access and Security Controls to Accelerate Cloud MigrationFortifying Data Access and Security Controls to Accelerate Cloud Migration
Fortifying Data Access and Security Controls to Accelerate Cloud MigrationPrivacera
 
Data & the Machine Sofa Summit
Data & the Machine Sofa Summit Data & the Machine Sofa Summit
Data & the Machine Sofa Summit Privacera
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera
 
Why enterprise data privacy and security matters more than ever before
Why enterprise data privacy and security matters more than ever beforeWhy enterprise data privacy and security matters more than ever before
Why enterprise data privacy and security matters more than ever beforePrivacera
 
History of Privacera
History of PrivaceraHistory of Privacera
History of PrivaceraPrivacera
 
How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?Privacera
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera
 
Privacera Product Overview: Secure Data Sharing Across Cloud Services
Privacera Product Overview: Secure Data Sharing Across Cloud ServicesPrivacera Product Overview: Secure Data Sharing Across Cloud Services
Privacera Product Overview: Secure Data Sharing Across Cloud ServicesPrivacera
 

More from Privacera (8)

Fortifying Data Access and Security Controls to Accelerate Cloud Migration
Fortifying Data Access and Security Controls to Accelerate Cloud MigrationFortifying Data Access and Security Controls to Accelerate Cloud Migration
Fortifying Data Access and Security Controls to Accelerate Cloud Migration
 
Data & the Machine Sofa Summit
Data & the Machine Sofa Summit Data & the Machine Sofa Summit
Data & the Machine Sofa Summit
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
 
Why enterprise data privacy and security matters more than ever before
Why enterprise data privacy and security matters more than ever beforeWhy enterprise data privacy and security matters more than ever before
Why enterprise data privacy and security matters more than ever before
 
History of Privacera
History of PrivaceraHistory of Privacera
History of Privacera
 
How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?How to streamline data governance and security across on-prem and cloud?
How to streamline data governance and security across on-prem and cloud?
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020
 
Privacera Product Overview: Secure Data Sharing Across Cloud Services
Privacera Product Overview: Secure Data Sharing Across Cloud ServicesPrivacera Product Overview: Secure Data Sharing Across Cloud Services
Privacera Product Overview: Secure Data Sharing Across Cloud Services
 

Recently uploaded

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Recently uploaded (20)

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

Maturing Your Organization's Information Risk Management Strategy

  • 1. March 30, 2021 Maturing Your Organization’s Information Risk Management Strategy David Loshin President, Knowledge Integrity Program Director, Master of Information Management, University of Maryland
  • 3. DAVID LOSHIN President, Knowledge Integrity, Inc. Program Director, Master of Information Management, University of Maryland
  • 4. Information Risk – A Definition • According to Wikipedia there are several definitions of risk, including: – “Risk is the potential for uncontrolled loss of something of value.” – “(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility.” • “Risk” affects the way that a business operates: – Inhibits quality excellence – Has an effect on project objectives – Threat of quantifiable damage, injury, loss, liability, or other negative occurrence that may be avoided through preemptive action • Information risk would be the potential for loss of value due to issues associated with managing information
  • 5. Information Risk & Governance Maturity • Understanding stages of a governance maturity curve help to empower the organization identify systemic risks – Rudimentary – Proficient – Advanced – Sophisticated Operational risk Financial risk Customer risk Reputation risk Compliance risk
  • 6. Data Sensitivity • Growing recognition of risks of exposing individuals’ personal and private information – Emerging indignance over corporations using and selling what is believed to be personal or private information – Increasing number and volume of data breaches – Expanding interest of governmental intervention and protection • A growing inventory of global regulations address the need to secure and protect individuals’ personal and private data • Growing awareness of the general concepts of protection of “sensitive” data
  • 7. Classifying Data Sensitivity dloshin@umd.edu Confidential data Controlled unclassified data Export-controlled data IT security data Government classified data Sensitive corporate data Chain of custody data Personal data
  • 8. Data Sensitivity Assessment & Classification • Assessment – Data discovery to determine if the asset contains potentially sensitive data • Classification – Within the context of defined policies, assign one or more sensitivity classifications to the data asset by data attribute
  • 9. Formalize Approaches to Platform-wide Data Controls Data Owners Data to be shared Classifications PHI PII FINANCIAL_DATA … Roles Claims_Processor Fraud_Analyst Finance_Analyst … Assess sensitivity Define classifications Specify roles Determine privileges Define conceptual data policies Conceptual Policies Claims_Processor may access FINANCIAL_DATA Fraud_Analyst may access PII … Translate conceptual data policies to target systems 1 2 3
  • 10. Interpreting Policies and Assessing Governance Impact GDPR’s Right to Erasure At what point do you determine that personal data are no longer necessary for the purposes for which they were collected? How does your organization “manage consent”? What does it mean to “erase” data? Is the default to erase data that are no longer necessary? How do you keep track of the controllers? How do you notify them? How do you locate all links, copies, replications within your own organization? How do you convey obligations to other controllers?
  • 11. Automate Policy Compliance and Auditing Data Consumer Data Consumer Data Consumer Data Consumer Centralized Policy Portal Enterprise Identity Access Management Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Policy Proxy Row-level & column-level data protection
  • 12. Ensuring Consistency in Governance • Complexity of governance increases with the intricacy of the data architecture • The plethora of applications, each with its own data access control, masking, and data protection techniques adds to the complexity • Formalize a standard for data policy management, deployment, and auditing
  • 13. Considerations • Data protection is a critical component of an information risk management program • The inability to ensure auditability of compliance creates vulnerabilities that are difficult to overcome • Institute governance maturity assessment to support increasing demand for definition, implementation, monitoring, auditing, and reporting of data controls for policy compliance
  • 14. BILL BROOKS Director, Solution Engineering Privacera
  • 15. SIMPLIFY DATA ACCESS GOVERNANCE Presented by: William Brooks 2021 Enabling enterprises to responsibly use their data in the cloud Powered by Apache Ranger
  • 17. Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment
  • 18. AUTOMATED DATA DISCOVERY Assess data sensitivity and classify accordingly
  • 19. AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection ENTERPRISE-GRADE ENCRYPTION
  • 20. AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL COMPLIANCE WORKFLOWS Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment ENTERPRISE-GRADE ENCRYPTION
  • 21. AUTOMATED DATA DISCOVERY CENTRALIZED ACCESS CONTROL COMPLIANCE WORKFLOWS Assess data sensitivity and classify accordingly Formalize approaches to platform-wide access control for data protection Automate policy compliance auditing Institute consistent governance across the hybrid environment ENTERPRISE-GRADE ENCRYPTION
  • 22. THE LEADER IN DATA GOVERNANCE 2012 2014 2015 2016 2017 PRESENT XA Secure Founded Apache Atlas data governance Privacera Platform GA XA Secure acquired by Hortonworks, open source Apache Ranger Privacera founded Multiple Fortune 100 companies Founded in 2016 by the creators of Apache Ranger and Apache Atlas Proven at scale in 2000+ production environments Experienced and accomplished innovators in data and cloud governance. Partner of Databricks, Snowflake, Amazon Web Services and Microsoft
  • 24. Sensitive Data Discovery - Data Classification
  • 25. Define Tags Configure Matching Define Rules Register Data Sources Configure Scanning Configure Workflows EMAIL PERSON_NAME PAYMENT_CARD_NU M MRN DATE_OF_BIRTH Keywords Lookups Patterns Heuristic Models Machine Learning Structured Tag Mapping Unstructured Mapping Post-Processing Groups JDBC Connections Bucket/Container HDFS Database/Schema/Table Path/Filename Include/Exclude Scheduling Near-Realtime Scanning Redaction Encryption Expunging Right to be Forgotten Archival Alerts ADDRESS LINKED_PII Keywords: (ADDR, STREET, APT, ADDRESS…) Lookups: (St, Ln, Blvd, Dr…) Patterns: (?:W|_|^)(d+(s[A- Z0- 9.]+?){1,3}s(?:W|_ |$) rule_street_address: Must Have: c_STREET_ADDRESS AUTO_YES_SCORE Tag: UK_ADDRESS gdpr_linked_pii: classify UK_ADDRESS as LINKED_PII AWS account 34984438 jdbc:postgresql://myd b.privacynth.com:5432 /customer jdbc:postgresql://myd b.privacynth.com:5432 /sales s3://mybycket/custome r_data S3://cust_uploads/inb ound customer/*/* sales/account/* Uploads Zone ● Disallow PII ● Encrypt and Quarantine Operations Zone ● RTBF Requests ● Disallow S3 data movement to Uploads What are we looking for? How do we identify the data? When do we apply the tags and classifications? Where do we look for sensitive data? What resources should we scan? What do we do when we find sensitive data? Discovery Configuration
  • 26. CENTRALIZED ACCESS CONTROL Simplify and streamline access control • Single pane of glass integrates piecemeal processes • Federated authentication across multiple systems • Easily apply policies across multiple cloud services Uncover data across multiple cloud services • Avoids exponential proliferation of policies • Apache Ranger based architecture • Scalable to millions of petabytes of data Easy, consistent data sharing and compliance • Easily enable GDPR, CCPA, HIPAA compliance • Manage data distributed across multiple cloud databases, analytics platforms, reporting systems and geographies
  • 27. CENTRALIZED ACCESS CONTROL • Single pane of glass across all services – cloud & on-prem (Google, AWS, Azure, EMC, ECS etc) • Architected for cloud scale and performance • Dynamic control based on roles, data, metadata
  • 28. AUTOMATE COMPLIANCE WORKFLOWS Accelerate Data Transformation • Easily share data within privacy constraints • Streamline processes for the right to be forgotten (RTBF), right to erasure, and right to access • Reduce coding and expertise required to ensure compliance Easily Apply Consistent Policies • Replaces piecemeal processes and • Limit exponential policy proliferation Single Integrated System • Easily enable GDPR, CCPA, HIPAA, LGPD compliance • Consistent policies on-prem and in the cloud
  • 29. SELF-SERVICE ACCESS REQUESTS • Self-service requests by data resource, classification, tag, project, or role • Integrates with provisioning and workflow management tools • Logged and centrally auditable, end-to-end
  • 30. SCALABLE DATA GOVERNANCE Efficient and automated data sharing • Simplified, streamlined data compliance processes • Consistent tagging, monitoring, auditing and reporting • Streamlined policy creation and enforcement Single pane of glass simplifies security • Comprehensive visibility across cloud services • Centralized, fine-grained access control • Proven scalability leveraging Apache Ranger Automated data transformation • Enforce consistent implementation across geographies • Automate processes for RTBF, GDPR and CCPA
  • 31. William Brooks Director, Solution Engineering william.brooks@privacera.com www.linkedin.com/in/wbrooks @wcbdata Enabling enterprises to responsibly use their data in the cloud Powered by Apache Ranger
  • 33. CONTACT INFORMATION If you have further questions or comments: David Loshin, Knowledge Integrity, Inc. loshin@knowledge-integrity.com Bill Brooks, Privacera william.brooks@privacera.com tdwi.org
  • 34. Thanks to Our Sponsor 3