BIM, Security and the Building Lifecycle – UK Security Expo 2017
Featured Project:
Dubai International Airport | US $4.5B Value
Trusted by the world’s largest projects
Security: Best ways to protect your
intellectual capital
With
Agenda
Introduction – Steve Cooper, Aconex
BIM, Security & the Building Lifecycle – Steve Maddison, Ascentor
Impacts of the GDPR – Phil Brown, Ascentor
Aconex Response – Steve Cooper, Aconex
Q&A – All
Introduction
Steve Cooper
General Manager UK & Ireland,
Aconex
Is information security relevant to
construction and refurbishment projects?
Information Security and the Building Lifecycle
Steve Maddison
Principal Consultant, Ascentor
Steve.maddison@ascentor.co.uk
Section 1: BIM and Information Security:
What are the information security risks to implementing BIM?
Section 2: The Building Lifecycle:
How do risks to information using BIM change during the
building lifecycle?
Section 3: Managing BIM Information Security Risks:
What basic measures can help manage information security
risks?
Summary
Presentation outline
What is Building Information Modelling (BIM)?
BIM is not a single piece of software or model:
It is a new way of information processing and collaboration
for construction projects with data embedded within a model
BIM Level 2 mandated for HMG projects by 2016:
BIM is for the lifetime of the building, not the
construction project.
What types of information are generated?
• Diagrams: floor plans, layouts, locations, detailed photos
(internal and external),
• Documents: proposals, technical options, finance details,
contracts, management plans.
• Models: laser scan data, point clouds, 3D models.
• Meta data: construction elements – details of build specifications
and composition.
• Specifications: schedules of products and capabilities.
What are the risks?
The information on a building project can be
highly sensitive.
It can be critical to the delivery of the project and
long term support of the built asset.
3D models allow a virtual ‘walk through’ of the building
that otherwise wouldn’t be available.
Information could be used by potential attackers to
disrupt the project, plan physical attacks, support cyber
attacks, threaten personnel, disrupt services.
Potential threats
Terrorists, hackers (professionals, amateurs,
political), criminal groups, state sponsored groups,
insiders.
What could possibly go wrong?
What could happen?
• Inappropriate access to sensitive information
(commercial, legal, personal, IP, security);
• Information is corrupted or incomplete;
• Information is not available when required.
And what are the consequences?
Project delays, cost increases, service disruption could
include: legal, contractual, financial, reputational.
Is information security necessary for BIM?
Depends on your viewpoint:
• Client - Cares more about avoiding information exposure;
• Builder - Focus is on avoiding cost and time overruns;
• Building operator - Concentrates on service delivery to customers;
If you don’t think any of this applies to you – then why worry!
If it does apply, then why isn’t it built in already?
Information risk and the building lifecycle
Stage 0 – Strategic definition
Stage 1 – Preparation and brief
Stage 2 – Concept and design
Stage 3 – Developed design
Stage 4 – Technical design
Stage 5 – Construction
Stage 6 – Handover and close out
Stage 7 – In use
Increased information sharing
In-use information security risks
BIM data is used to support maintenance activities. This leads to:
• Increased information dissemination;
• Increased access to 3D models and meta data;
• Increased data retention.
Building management system issues:
• Remote access support;
• Increased technical vulnerabilities – Internet of Things.
BIM information is in many different places
[Diagram labels: Customer Information Systems, CDE, Prime Contractor Information Systems and Staff Devices, Internet, Subcontractor Information Systems and Staff Devices (shown twice), Cloud, Support Systems]
Information security awareness and maturity
There is a general lack of awareness about Information Security in the
construction industry:
The level of awareness of information security tends to decrease
down the supply chain;
Tier 1 contractors are increasingly required contractually to
manage risks both for themselves and down the supply chain.
Information Security built-in
Information Security should be part of the process from the outset.
Contracts should specify information security requirements:
• Non-functional security requirements;
• Employer information requirements;
• Security aspects letter.
Know what information is important and what the
risks to it are
• Identify and value sensitive information assets:
- Know what it is and where it is;
- Determine customer protection priorities;
• Identify and assess risks:
Determine if you have something to protect;
• Consider:
- Who needs access to it and why;
- Understand if it needs to be accurate and complete;
- Know what the availability requirements are.
• Have a governance structure:
Supplier + customer working together.
Control information sharing
• Information assets that are valued and labelled support controlled
sharing:
Common naming conventions and security gradings.
• Balance sharing information with managing access:
- Have access controls within the CDE;
- Manage all forms of data and information sharing.
• Roll down information security to supply chain companies:
- Basic information security measures;
- Monitor and manage information dissemination.
Lessons learned
• Balance information protection and accessibility.
• Manage supply chain information security.
• Information security extends beyond the project for
the life of the building.
• Need intelligent suppliers and customers.
• Use tools that protect information.
• Guidance on Information Security for BIM:
Centre for the Protection of the National Infrastructure: http://cpni.gov.uk/
Institution of Engineering and Technology: http://theiet.org/
Summary
BIM is about sharing information in a controlled and secure way.
Intelligent customer and Intelligent Supplier.
Security needs to cover the entire lifecycle of the built asset.
This presentation was delivered to the UK Security Expo Conference on 30 Nov 2017
GDPR and security
Phil Brown
Lead Consultant, Ascentor
info@ascentor.co.uk
Impacts of the GDPR
Why working with Ascentor will set you apart
General Data Protection Regulation – Coming Soon!
GDPR will be enforced across the EU on 25th May 2018. In the UK, it will replace
the Data Protection Act 1998. In essence it impacts any business that does
business with EU members, regardless of where the processing takes place.
Businesses will really need to know & understand:
1. what personal data they hold
2. where the data is being stored
3. the legal condition for processing the data
4. how they will respond to individuals exercising their rights
5. that the Regulation is not prescriptive, in that it sets out the expectations but
does not define how businesses should act – a risk-based approach
GDPR – the underlying 6 principles
The GDPR requires that personal data shall be:
1. processed fairly, lawfully and transparently
2. collected for specified, explicit and legitimate purposes
3. adequate, relevant and limited to what is necessary
4. accurate and, where necessary, kept up to date
5. kept for no longer than is necessary
6. processed in a manner that ensures appropriate security
PEOPLE
PROCESSES
TECHNOLOGY
There is no ‘one size fits all’ solution but one approach is to keep the ‘data subject’
foremost in your mind rather than fixating on the most convenient solution.
Lawfulness of processing
Processing will only be lawful if one of the following conditions is met:
• the data subject gives consent for one or more specific purposes
• it’s necessary to meet contractual obligations entered into by the data subject
• it’s necessary to comply with legal obligations of the controller
• it’s necessary to protect the vital interests of the data subject
• it’s necessary for tasks in the public interest or exercise of authority vested in the controller
• it’s for the purposes of legitimate interests pursued by the controller (there is a balancing test)
General conditions for consent
The following conditions apply for consent to be valid:
• controllers must be able to demonstrate that consent was given i.e. the need to keep records
• written consent must be clear, intelligible and easily accessible, otherwise it’s not binding
• ticking a box or choosing appropriate technical settings are valid methods
• more controls apply to obtaining a child’s consent and for processing special categories of personal data
Consent to processing data is not necessary for the performance of a contract, so
should not be sought
The rights of data subjects
The controller shall provide any information relating to the data subject in a
concise, transparent, intelligible and easily accessible form using clear and plain
language, in particular for any information addressed specifically to a child
The controller must facilitate the rights of data subjects, the most popular one is
likely to be:
‘data subject access request’ (DSAR)
– time period reduced from 40 days to 1 calendar month
– fees abolished (currently controllers can charge £10)
There are exceptions for excessive or vexatious requests – although the onus is on the
data controller to prove this is the case
What we may expect with GDPR
In future, everyone can expect the business collecting personal data to remind or
state:
• the period of time that the data will be stored
• the right to rectification, erasure, restriction, objection
• the right to data portability
• the right to withdraw consent at any time
• the right to lodge a complaint with a supervisory authority
• the existence of automated decision-making, including profiling, as well as the anticipated consequences for the data subject
• the outcome of the data subject’s failure to provide data
Privacy notices will need to be well thought out!!
Use of the cloud for processing
Use of the cloud for storage or processing data is very common, but specific
conditions are in place for the moving, storing and processing of personal data.
For these reasons, a business should consider:
• Where data will be stored or could be stored; if it’s outside the EU and certain listed countries then legal processes must be observed
• The capability of the data processor after considering, inter alia, the following:
– Terms and conditions being presented
– Proof of information security procedures
– Security of data in transit and at rest
– Staff access control restrictions
– Resilience to service failures/attacks
– Reliance on sub-processors to deliver services
– Ability to delete data or have it deleted upon request by the data controller
Aconex Response
Steve Cooper
General Manager UK & Ireland,
Aconex
• GDPR - reviewing all processes, policies & systems across all regional / central
functions
– Making changes where necessary
– Compliant by May 2018
• Information security certifications
– All hosting environments ISO27001 certified
– In addition, Aconex’s internal engineering, operations, support also ISO27001 certified
– Extending Cyber Essentials Plus (Q1 ’18)
• Investing multiple $millions in ‘Gold Standard’ cyber security protected platform
– Commenced FedRAMP certification project in the USA
– Single Sign On (SSO) & 2 Factor Authentication (2FA) already released
– Incremental updates globally – hosting, hardware, operating system, databases, applications
– Last week moved UK hosting to a new platform with higher security headroom
Aconex Response
Q&A with our panelists
Steve Cooper
General Manager UK & Ireland,
Aconex
Steve Maddison
Principal Consultant,
Ascentor
Phil Brown
Lead Consultant,
Ascentor
Featured Project:
Dubai International Airport | US $4.5B Value
Trusted by the world’s largest projects
Learn more at aconex.com/Demo
Our thanks to Steve Cooper, Steve Maddison, and Phil Brown
and to you for attending

Webinar contract management aconex 6 septembre 2018Webinar contract management aconex 6 septembre 2018
Webinar contract management aconex 6 septembre 2018
 
Webinar contract management aconex 5 juillet 2018
Webinar contract management aconex 5 juillet 2018Webinar contract management aconex 5 juillet 2018
Webinar contract management aconex 5 juillet 2018
 
5 methods session 1 webinar slideshare colorado hpte_siemensgamesa
5 methods session 1 webinar slideshare colorado hpte_siemensgamesa5 methods session 1 webinar slideshare colorado hpte_siemensgamesa
5 methods session 1 webinar slideshare colorado hpte_siemensgamesa
 
Keep your project moving with aconex contract administration webinar slides
Keep your project moving with aconex contract administration webinar slidesKeep your project moving with aconex contract administration webinar slides
Keep your project moving with aconex contract administration webinar slides
 
Atelier aconex bim_world_2018
Atelier aconex bim_world_2018Atelier aconex bim_world_2018
Atelier aconex bim_world_2018
 
Aconex business breakfast Praesentation
Aconex business breakfast PraesentationAconex business breakfast Praesentation
Aconex business breakfast Praesentation
 
Unlocking Engineering and Construction performance webinar apac slideshare
Unlocking Engineering and Construction performance webinar apac slideshareUnlocking Engineering and Construction performance webinar apac slideshare
Unlocking Engineering and Construction performance webinar apac slideshare
 
Digital transformation webinar amer slideshare
Digital transformation webinar amer slideshareDigital transformation webinar amer slideshare
Digital transformation webinar amer slideshare
 
Modernizando controles de proyecto
Modernizando controles de proyectoModernizando controles de proyecto
Modernizando controles de proyecto
 
Mega project not mega problems session 1
Mega project not mega problems session 1Mega project not mega problems session 1
Mega project not mega problems session 1
 
Mega project not mega problems session 2
Mega project not mega problems session 2Mega project not mega problems session 2
Mega project not mega problems session 2
 
Aconex connected cost webinar - drive project performance
Aconex connected cost webinar - drive project performanceAconex connected cost webinar - drive project performance
Aconex connected cost webinar - drive project performance
 
Digital Transformation 2018
Digital Transformation 2018Digital Transformation 2018
Digital Transformation 2018
 
The rise of the “gigaproject”
The rise of the “gigaproject”The rise of the “gigaproject”
The rise of the “gigaproject”
 
How to successfully target and secure OBOR projects
How to successfully target and secure OBOR projectsHow to successfully target and secure OBOR projects
How to successfully target and secure OBOR projects
 
Global Trends in Delivery Projects
Global Trends in Delivery ProjectsGlobal Trends in Delivery Projects
Global Trends in Delivery Projects
 
Le BIM en support des études d’exécution
Le BIM en support des études d’exécutionLe BIM en support des études d’exécution
Le BIM en support des études d’exécution
 
Tendencias actuales en la entrega de proyectos PPP/UTEs-Consorcios
Tendencias actuales en la entrega de proyectos PPP/UTEs-ConsorciosTendencias actuales en la entrega de proyectos PPP/UTEs-Consorcios
Tendencias actuales en la entrega de proyectos PPP/UTEs-Consorcios
 
Une plateforme collaborative qui met le BIM au cœur de votre gestion de proje...
Une plateforme collaborative qui met le BIM au cœur de votre gestion de proje...Une plateforme collaborative qui met le BIM au cœur de votre gestion de proje...
Une plateforme collaborative qui met le BIM au cœur de votre gestion de proje...
 
Atelier BIM Aconex Présentation Nodal (French)
Atelier BIM Aconex Présentation Nodal (French)Atelier BIM Aconex Présentation Nodal (French)
Atelier BIM Aconex Présentation Nodal (French)
 

Recently uploaded

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 

Recently uploaded (20)

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

Security best ways to protect your intellectual capital

  • 1. BIM, Security and the Building Lifecycle – UK Security Expo 2017
      Featured Project: Dubai International Airport | US $4.5B Value
      Trusted by the world’s largest projects
      Security: Best ways to protect your intellectual capital
      With
  • 2. Agenda
      - Introduction: Steve Cooper, Aconex
      - BIM, Security & the Building Lifecycle: Steve Maddison, Ascentor
      - Impacts of the GDPR: Phil Brown, Ascentor
      - Aconex Response: Steve Cooper, Aconex
      - Q&A: All
  • 4. Is information security relevant to construction and refurbishment projects?
      Information Security and the Building Lifecycle
      Steve Maddison, Principal Consultant, Ascentor
      Steve.maddison@ascentor.co.uk
  • 5. Presentation outline
      - Section 1: BIM and Information Security: What are the information security risks to implementing BIM?
      - Section 2: The Building Lifecycle: How do risks to information using BIM change during the building lifecycle?
      - Section 3: Managing BIM Information Security Risks: What basic measures can help manage information security risks?
      - Summary
  • 6. What is Building Information Modelling (BIM)?
      - BIM is not a single piece of software or model: it is a new way of information processing and collaboration for construction projects with data embedded within a model.
      - BIM Level 2 mandated for HMG projects by 2016: BIM is for the lifetime of the building, not the construction project.
  • 7. What types of information are generated?
      - Diagrams: floor plans, layouts, locations, detailed photos (internal and external).
      - Documents: proposals, technical options, finance details, contracts, management plans.
      - Models: laser scan data, point clouds, 3D models.
      - Meta data: construction elements – details of build specifications and composition.
      - Specifications: schedules of products and capabilities.
  • 8. What are the risks?
      The information on a building project can be highly sensitive. It can be critical to the delivery of the project and long term support of the built asset. 3D models allow a virtual ‘walk through’ of the building that otherwise wouldn’t be available.
      Information could be used by potential attackers to disrupt the project, plan physical attacks, support cyber attacks, threaten personnel, disrupt services.
      Potential threats: terrorists, hackers (professionals, amateurs, political), criminal groups, state sponsored groups, insiders.
  • 9. What could possibly go wrong?
      What could happen?
      - Inappropriate access to sensitive information (commercial, legal, personal, IP, security);
      - Information is corrupted or incomplete;
      - Information is not available when required.
      And what are the consequences?
      Project delays, cost increases, service disruption.
      Could include: legal, contractual, financial, reputational.
  • 10. Is information security necessary for BIM?
      Depends on your viewpoint:
      - Client: cares more about avoiding information exposure;
      - Builder: focus is on avoiding cost and time overruns;
      - Building operator: concentrates on service delivery to customers.
      If you don’t think any of this applies to you – then why worry! If it does apply, then why isn’t it built in already?
  • 11. Information risk and the building lifecycle
      - Stage 0 – Strategic definition
      - Stage 1 – Preparation and brief
      - Stage 2 – Concept and design
      - Stage 3 – Developed design
      - Stage 4 – Technical design
      - Stage 5 – Construction
      - Stage 6 – Handover and close out
      - Stage 7 – In use
      Increased Information Sharing
  • 12. In-use information security risks
      BIM data is used to support maintenance activities. This leads to:
      - Increased information dissemination;
      - Increased access to 3D models and meta data;
      - Increased data retention.
      Building management system issues:
      - Remote access support;
      - Increased technical vulnerabilities – Internet of Things.
  • 13. BIM information is in many different places
      [Diagram; labels: Customer Information Systems, CDE, Prime Contractor Information Systems, Staff Devices, Internet, Subcontractor Information Systems, Cloud Support Systems]
  • 14. Information security awareness and maturity
      There is a general lack of awareness about Information Security in the construction industry:
      - The level of awareness of information security tends to decrease down the supply chain;
      - Tier 1 contractors are increasingly required contractually to manage risks both for themselves and down the supply chain.
  • 15. Information Security built-in
      Information Security should be part of the process from the outset.
      Contracts should specify information security requirements:
      - Non-functional security requirements;
      - Employer information requirements;
      - Security aspects letter.
  • 16. Know what information is important and what the risks to it are
      - Identify and value sensitive information assets:
          - Know what it is and where it is;
          - Determine customer protection priorities.
      - Identify and assess risks: determine if you have something to protect.
      - Consider:
          - Who needs access to it and why;
          - Understand if it needs to be accurate and complete;
          - Know what the availability requirements are.
      - Have a governance structure: supplier + customer working together.
  • 17. Control information sharing
      - Information assets that are valued and labelled support controlled sharing: common naming conventions and security gradings.
      - Balance sharing information with managing access:
          - Have access controls within the CDE;
          - Manage all forms of data information sharing.
      - Roll down information security to supply chain companies:
          - Basic information security measures;
          - Monitor and manage information dissemination.
  • 18. Lessons learned
      - Balance information protection and accessibility.
      - Manage supply chain information security.
      - Information security extends beyond the project for the life of the building.
      - Need intelligent suppliers and customers.
      - Use tools that protect information.
      - Guidance on Information Security for BIM:
          - Centre for the Protection of the National Infrastructure: http://cpni.gov.uk/
          - Institution of Engineering and Technology: http://theiet.org/
  • 19. Summary
      - BIM is about sharing information in a controlled and secure way.
      - Intelligent customer and Intelligent Supplier.
      - Security needs to cover the entire lifecycle of the built asset.
      This presentation was delivered to the UK Security Expo Conference on 30 Nov 2017
  • 20. GDPR and security
      Impacts of the GDPR
      Phil Brown, Lead Consultant, Ascentor
      info@ascentor.co.uk
  • 21. General Data Protection Regulation – Coming Soon!
      Why working with Ascentor will set you apart
      GDPR will be enforced across the EU on 25th May 2018. In the UK, it will replace the Data Protection Act 1998. In essence it impacts any business that does business with EU members, regardless of where the processing takes place.
      Businesses will really need to know & understand:
      1. what personal data they hold
      2. where the data is being stored
      3. the legal condition for processing the data
      4. how they will respond to individuals exercising their rights
      5. that the Regulation is not prescriptive in that it sets out the expectations but does not define how businesses should act – a risk based approach
  • 22. GDPR – the underlying 6 principles
      The GDPR requires that personal data shall be:
      1. processed fairly, lawfully and transparently
      2. collected for specified, explicit and legitimate purposes
      3. adequate, relevant and limited to what is necessary
      4. accurate and, where necessary, kept up to date
      5. kept for no longer than is necessary
      6. processed in a manner that ensures appropriate security
      PEOPLE, PROCESSES, TECHNOLOGY
      There is no ‘one size fits all’ solution but one approach is to keep the ‘data subject’ foremost in your mind rather than fixating on the most convenient solution.
  • 23. Lawfulness of processing
      Processing will only be lawful if one of the following conditions is met:
      - the data subject gives consent for one or more specific purposes
      - it’s necessary to meet contractual obligations entered into by the data subject
      - it’s necessary to comply with legal obligations of the controller
      - it’s necessary to protect the vital interests of the data subject
      - it’s necessary for tasks in the public interest or exercise of authority vested in the controller
      - it’s for the purposes of legitimate interests pursued by the controller (there is a balancing test)
  • 24. General conditions for consent
      The following conditions apply for consent to be valid:
      - controllers must be able to demonstrate that consent was given, i.e. the need to keep records
      - written consent must be clear, intelligible and easily accessible, otherwise it’s not binding
      - ticking a box or choosing appropriate technical settings are valid methods
      - more controls apply to obtaining a child’s consent and for processing special categories of personal data
      Consent to processing data is not necessary for the performance of a contract, so should not be sought
  • 25. The rights of data subjects
      The controller shall provide any information relating to the data subject in a concise, transparent, intelligible and easily accessible form using clear and plain language, in particular for any information addressed specifically to a child.
      The controller must facilitate the rights of data subjects; the most popular one is likely to be the ‘data subject access request’ (DSAR):
      - time period reduced from 40 days to 1 calendar month
      - fees abolished (currently controllers can charge £10)
      There are exceptions for excessive or vexatious requests – although the onus is on the data controller to prove this is the case
  • 26. What we may expect with GDPR
      In future, everyone can expect the business collecting personal data to remind or state:
      - the period of time that the data will be stored
      - the right to rectification, erasure, restriction, objection
      - the right to data portability
      - the right to withdraw consent at any time
      - the right to lodge a complaint with a supervisory authority
      - the existence of automated decision-making, including profiling, as well as the anticipated consequences for the data subject
      - the outcome of the data subject’s failure to provide data
      Privacy notices will need to be well thought out!!
  • 27. Use of the cloud for processing
      Use of the cloud for storage or processing data is very common, but specific conditions are in place for the moving, storing and processing of personal data. For these reasons, a business should consider:
      - Where data will be stored or could be stored; if it’s outside the EU and certain listed countries then legal processes must be observed
      - The capability of the data processor after considering, inter alia, the following:
          - Terms and conditions being presented
          - Proof of information security procedures
          - Security of data in transit and at rest
          - Staff access control restrictions
          - Resilience to service failures/attacks
          - Reliance on sub-processors to deliver services
          - Ability to delete data or have it deleted upon request by the data controller
  • 28. Aconex Response
      Steve Cooper, General Manager UK & Ireland, Aconex
  • 29. Aconex Response
      - GDPR: reviewing all processes, policies & systems across all regional / central functions
          - Making changes where necessary
          - Compliant by May 2018
      - Information security certifications
          - All hosting environments ISO27001 certified
          - In addition, Aconex’s internal engineering, operations, support also ISO27001 certified
          - Extending Cyber Essentials Plus (Q1 ’18)
      - Investing multiple $millions in ‘Gold Standard’ cyber security protected platform
          - Commenced FedRAMP certification project in the USA
          - Single Sign On (SSO) & 2 Factor Authentication (2FA) already released
          - Incremental updates globally – hosting, hardware, operating system, databases, applications
          - Last week moved UK hosting to a new platform, higher security headroom
  • 30. Q&A with our panelists
      - Steve Cooper, General Manager UK & Ireland, Aconex
      - Steve Maddison, Principal Consultant, Ascentor
      - Phil Brown, Lead Consultant, Ascentor
  • 31. Featured Project: Dubai International Airport | US $4.5B Value
      Trusted by the world’s largest projects
      Learn more at aconex.com/Demo
      Our thanks to Steve Cooper, Steve Maddison, and Phil Brown and to you for attending
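
Slides 16 and 17 ask for labelled and graded assets, access controls within the CDE, roll-down of requirements to the supply chain, and monitoring of dissemination. The sketch below is an added example, not part of the presentation or of any Aconex product: it models those rules in Python, with the grading scale, naming convention, organisation names and asset records all constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Grading(IntEnum):
    """Constructed three-step scale; a real project takes its gradings from the contract."""
    OPEN = 0
    COMMERCIAL = 1
    SENSITIVE = 2


@dataclass(frozen=True)
class Asset:
    name: str          # constructed naming convention: PROJECT-ORIGINATOR-KIND-NUMBER
    kind: str          # diagram, document, model, metadata or specification (slide 7)
    grading: Grading


@dataclass
class Party:
    name: str
    ceiling: Grading                       # highest grading its contract lets it hold
    need_to_know: frozenset                # asset kinds its work package requires
    engaged_by: Optional["Party"] = None   # next organisation up the supply chain


class CommonDataEnvironment:
    """Deny-by-default gatekeeper that records every request it decides."""

    def __init__(self):
        self.log = []   # tuples of (party, asset, grading, decision, reason)

    @staticmethod
    def effective_ceiling(party):
        # Roll-down: nobody may hold more than the organisation that engaged
        # them, whatever their own record says.
        ceiling = party.ceiling
        upstream = party.engaged_by
        while upstream is not None:
            ceiling = min(ceiling, upstream.ceiling)
            upstream = upstream.engaged_by
        return ceiling

    def request(self, party, asset, reason):
        """Decide one request: who needs access, to what, and why."""
        if asset.grading > self.effective_ceiling(party):
            decision = "deny: grading above ceiling"
        elif asset.kind not in party.need_to_know:
            decision = "deny: no need to know"
        elif not reason.strip():
            decision = "deny: no reason recorded"
        else:
            decision = "allow"
        self.log.append((party.name, asset.name, asset.grading.name, decision, reason))
        return decision

    def dissemination(self, minimum=Grading.SENSITIVE):
        """Which parties have been given assets graded at or above `minimum`."""
        held = {}
        for party, asset, grading, decision, _ in self.log:
            if decision == "allow" and Grading[grading] >= minimum:
                held.setdefault(asset, []).append(party)
        return held

    def refused(self):
        """Denied requests, for the supplier and customer governance review."""
        return [entry for entry in self.log if entry[3] != "allow"]


def demo():
    # Constructed sample data, not taken from any real project.
    prime = Party("PrimeCo", Grading.SENSITIVE,
                  frozenset({"diagram", "document", "model", "specification"}))
    electrical = Party("SparksLtd", Grading.COMMERCIAL,
                       frozenset({"diagram", "specification"}), prime)
    # Mis-set record: a second-tier firm given a ceiling above the firm that engaged it.
    cabling = Party("CableCo", Grading.SENSITIVE, frozenset({"diagram"}), electrical)

    floor_plan = Asset("PRJ1-ARC-DIAGRAM-0001", "diagram", Grading.COMMERCIAL)
    cctv_layout = Asset("PRJ1-SEC-DIAGRAM-0007", "diagram", Grading.SENSITIVE)
    bid_costs = Asset("PRJ1-COM-DOCUMENT-0003", "document", Grading.COMMERCIAL)

    cde = CommonDataEnvironment()
    decisions = [
        cde.request(prime, cctv_layout, "coordinate security fit-out"),
        cde.request(electrical, floor_plan, "route power cabling"),
        cde.request(electrical, bid_costs, "curiosity"),
        cde.request(electrical, cctv_layout, "route power cabling"),
        cde.request(cabling, cctv_layout, "pull camera cable"),
        cde.request(electrical, floor_plan, "  "),
    ]
    return cde, decisions


if __name__ == "__main__":
    cde, decisions = demo()
    for entry in cde.log:
        print(entry)
    print("Holders of SENSITIVE assets:", cde.dissemination())
```

The fifth request is the case worth noting: the second-tier firm's own record allows SENSITIVE, but the ceiling inherited from the firm that engaged it still blocks the CCTV layout.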

Editor's Notes

  1. Good morning – I am Steve Maddison and I am going to talk to you about Information Security and Building Lifecycle: Consultant with Ascentor – IRM– clients in the construction industry - IS aspects of procuring services for major construction and refurbishment projects for a public body. Presentation considers the information security aspects of a construction or refurbishment project. I am going to focus in particular on Building Information Modelling (BIM) as it is a commonly used approach for construction projects. Whether BIM is used or not the principles of information security are relevant in the same way.
  2. BIM and Information Security:
     - What is BIM?
     - What information is generated during a construction project?
     - What are the risks to information using BIM?
     - Is Information Security necessary with BIM?
     The Building Lifecycle
     - Stages of a building or infrastructure project and the information generated at each stage
     - Where is the information
     - Information Security Awareness in the supply chain
     - In Use risks
     Managing information security risks:
     - The measures to manage information security risks?
     Lessons Learned
     Summary
     Questions
  3. BIM is used for a wide variety of construction and infrastructure projects and I am going to refer to the use case of the construction of a generic building rather than use the jargon term ‘built asset’ – but that is what is meant. Process of designing a building or structure collaboratively using a single coherent system of computer models. Each discipline or organisation creates its own model using laser scanned information and detailed photographs to build the combined model in a common data environment or CDE. Models are amalgamated to provide a combined view of the entire project with 3D geometrical and non-graphical data. BIM puts information sharing at the centre of the design, construction and delivery process. Also means information management becomes essential. BIM Level 2: mandated for all government projects. It means: Collaborative 3D BIM models - with all project and asset information, documentation and data being electronic. Not only about how a building is put together but also how it is managed subsequently because there will be extensive re-use and development of BIM information. So BIM runs for the lifetime of the building and so does the information security.
  4. What types of information are generated during a construction project? Diagrams: basic level will show locations, building layout with entrances, exits and main features. Supported by high definition photos which will show the detail of features internal and external. More detailed diagrams will add the layouts for utilities (power and water) as well as access points, control locations, plant room locations, HVAC details. Could include evacuation routes, fire assembly areas. More detail for IT systems, cabling runs, server room and data storage areas. Security details: cabling and control points for alarm systems, locations for CCTV cameras, security control rooms, data centres. Even for something innocuous like a supermarket this could be sensitive information – knowing where the guards are located and where the alarms are. There will be a large volume of documents that will provide technical details to support diagrams but will also include commercially sensitive information with details of bids, costings and contracts. Models: become a visual summary of all the high level information and allow a 3D view of the project and the ability to see what changes might look like. The model includes the metadata which provides the details for each component. Schedules will give detailed specifications of equipment (CCTV capabilities - is a camera IR or not, and area of coverage). Information is needed by the various teams to complete their part of the task and that requires sharing it amongst the teams to provide effective collaboration in a timely manner.
  5. Information in the CDE can be sensitive in its own right but is essential to the smooth delivery of a construction project and the smooth operation of the building for its lifetime. It could be exploited for negative purposes at any time during this lifetime and could be used to either plan or conduct physical or cyber attacks of various types. 3D models in particular give a visual impression of a place that the viewer may not have been to, and enable the viewer to walk through a virtual environment and understand key locations and features. Information from construction projects is vulnerable to the various people who want to exploit it. The list of possible threats is shown on the slide. Threats vary for each project but at least one of them, if not most of them, will be applicable to some extent to every project. Should also add environmental threats (F/F/Q). This is not about ‘reds under the beds’ seeking to get at classified government information, though there is definitely an aspect of that for some projects. There are also critical national infrastructure assets (most of which are commercially operated) and wider commercial interests, especially for construction projects. Competition for projects can be very fierce and some organisations will seek ways to get an edge over competitors.
  6. We have identified types of sensitive information that should not be made publicly available. Apart from anything else there will be contractual and legal requirements not to divulge commercial information. A lot of the information is critical not only to the smooth delivery of the project, but also when the building is being used. If that information was inaccurate or incomplete it would cause disruption. Similarly, if it was lost, stolen or deleted that would also cause disruption. The relative importance of these risks varies, but if for example the data on the CDE was not available (a hacking attack causing denial of service, a fire in the data centre, a ransomware attack), that will have consequences such as cost/time overruns, service disruption and, importantly, reputational damage. The sky is not falling in – it is about recognising that information is key to delivering construction projects and operating building services. Construction projects create a lot of information and BIM concentrates that information in fewer places – accidents happen and there are bad people out there. The things that could go wrong will exist for as long as the building exists – but they do change over time.
  7. Context is key: not all information on every building project is sensitive all of the time to everyone. But some of it is sensitive to some people some of the time. The client might care about information sensitivity, and will certainly care about delays, increased costs and about vulnerabilities that could be exploited in the building lifecycle to disrupt service delivery. The builder will care about costs, delays and reputational damage. The building operator will care about the maintenance of building services to customers and the smooth operation of building management systems. If you think that none of this applies to your construction projects, if you don’t have any valuable information and the threats aren’t relevant – then don’t worry. I suspect however that your projects do want to be delivered on time and to budget and that there is probably sensitive information involved. Information security is not inherently part of construction projects because not enough customers have required it. Also not enough suppliers see it as an essential part of the service and it is perceived as an unnecessary overhead. If it is not in the contract and could cost extra to provide, why should it be provided?
  8. I have used the definitions from the RIBA for the stages of a construction project to describe how the volume, detail and complexity of information grows over the various stages. In Stages 0 and 1 there is a limited amount of relatively high level information in the development of the project. In Stages 2 and 3 a significant volume of detailed and sensitive information needs to be shared with a much larger number of people as part of the design development process. Any tendering process means that information is sent out to multiple organisations and only 1 company wins the contract. The need to share increases as more people are involved in Stages 4 and 5. More information is shared to a lower level of the supply chain. Does the bricklaying company need full access to the 3D model with all metadata to do their job? Stage 6 denotes the end of the project for the supplier (normally) but is a continuation of information security risk for the client. Stage 7 sees another growth in information dissemination as it is shared with a fresh group of maintenance and accommodation management teams.
  9. In-use is the longest stage as it lasts for the operational life of the building. Information will be shared widely with organisations providing building service management, maintenance activities and customer services. Information will be updated to reflect changes, and the volume and detail of information will continue to grow. Risks during the period will develop. Information compromised earlier in the construction phases may now support attacks (cyber / physical / personnel) during this period. The purpose of buildings may change – a building might originally be of low significance but a more important occupant could make it more of a target. Vulnerabilities will change as technology changes – advent of smart buildings. Building management systems are critical and the way they have been installed and configured may now represent vulnerabilities. Remote access support: there are examples already of BMS being compromised by cyber attacks on supply chain companies to compromise IT system credentials, leading to compromise of building user IT systems. Remote takeover of CCTV cameras. Internet of things – smart building systems and technologies can be compromised unless security has been designed in. So how do we manage those risks?
  10. Information comes in hard copy, soft copy and ‘pink’ (held in people’s heads), and risks to information can exist wherever it is stored, processed or transported. The diagram shows a likely model for information dissemination. Explain route. The number of participants will change during the building lifecycle, with the number of subcontractors increasing for Construction, decreasing for Handover but then increasing again during In-use as maintenance and service companies provide support and BIM information is used for other purposes. Note that cloud systems (O365 etc) are included, as most modern companies will outsource IT functions and these cloud services come with their own risks. Staff devices may be laptops, tablets, smartphones – often BYOD. Data volumes expand, detail increases, and more organisations need access to some or a lot of the data.
  11. There is a general lack of awareness about information security in the construction industry – this might be a contentious statement but is based upon my own, albeit limited, experience. Tier 1 contractors: some are aware and have some measures in place. Few are able to coherently summarise their IS capabilities for a project. Smaller companies are often less aware and less able to afford security aspects: CE, CE Plus, IASME, ISO27001. Tier 1 contractors have to manage all risks in the supply chain and this will increasingly include information security risks.
  12. So, if we have information that is critical to project delivery and which underpins the security of services, building maintenance and customer activities, then it makes sense to do something to safeguard that information at the outset, when it is cheaper and more convenient to build it in. You can’t predict every change to use of a building or every future technological change or reduce the threat, but you can take basic sensible measures at the outset to reduce the likelihood of a vulnerability being exploited. The message therefore is: for BIM projects, build in information security at the start of a project. The first way of doing this is to have information security in the contracts between customer and supplier. ITTs should have NFSR. Contracts should have EIRS. Security Aspects Letter: customer to supplier, identifying sensitive information. Customers should specify security requirements in the contract and choose a tier 1 that has got some evidence of good practice.
  13. Consider use of data flow diagrams to show what information is where. The threats to information stores increase as the volume and detail of information grows. Conduct a risk assessment – there are many ways of doing this and it shouldn’t be complicated. Identify what information is important and why. Identify who needs access to what data. How important is information accuracy? How important is information availability? Have a governance structure – understand who owns the risks to information and who is responsible for managing which aspects. Appoint SQEP personnel to manage security aspects. Information security as an agenda item for project management. Structure for decision making and escalation of security issues to managers. Client and supplier work together. Sounds too much like motherhood and apple pie, but it is all about the basics in the first instance.
  14. If information assets are identified, valued and labelled this will support controlled sharing. Have a common information security grading system for information in all forms. Make sure that it is applied to information objects in the CDE. Balance need to share with need to know. Choose a CDE that implements security such as access controls, data encryption and strong (multi-factor) authentication. Access controls within the CDE. Manage all forms of data and information sharing – e-mail, media, telephone. Ensure that information security requirements are levied on supply chain companies. Basic information security measures: CE / CE Plus, ISO27001, SSAE 16/18, ISAE 3402. Need a mechanism for contractually rolling down security requirements. Need a monitoring function for supply chain companies.
  15. Some of the benefits of BIM are the use of a common environment for managing information that can be shared more efficiently and to improve collaboration. Security must support those aims, not hamper them, so the key message is to balance information sharing with information security. Understand what information you care about, identify the risks to it and manage them in a common sense way. The information security aspects for BIM projects extend for the lifetime of whatever has been built. The ‘in-use’ phase is the longest and consideration must be given to information security for the whole of that period. Need intelligent suppliers – can be a market differentiator. Need intelligent customers – know and value information assets. Tools such as CDE should be able to help protect information through access controls, encryption and strong authentication, so pick those that have security features. Guidance is available from a number of sources. CPNI: http://cpni.gov.uk/ CPNI – PAS1192-5 is the standard from the Centre for the Protection of National Infrastructure (CPNI) that provides guidance on BIM security. Specifically it provides requirements for how to manage BIM. Institution of Engineering and Technology: Code of Practice for Cyber Security in the Built Environment.
  16. 3 points to take away: Share information in a controlled manner in a secure environment. Intelligent customer specifies security requirements in contracts; intelligent supplier anticipates the security requirements and supports a less knowledgeable customer. Information security is for the lifetime of the building and not just for the delivery phase. Any questions?
  17. GDPR will be enforced across the EU on 25th May 2018 without the need for further member state intervention. In the UK, it will replace the Data Protection Act 1998. Its impact is not confined to the EU, but extends to any business that does business with EU members, regardless of where the processing takes place. Some key points: The Regulation is not prescriptive. There is no ‘one size fits all’ solution. Implementation is set against principles. Businesses will really need to know and understand: what personal data they hold; where the data is being stored; the legal condition for processing the data; how they will respond to individuals exercising their rights. It’s on its way and it’s about to impact an awful lot of people and businesses around the world. The regulation redresses the balance of control of personal data between the consumer and business.
  18. Key to the application of the principles is ACCOUNTABILITY. To be GDPR ready, people, processes and technology need to be considered in equal measure. GDPR is not a certification scheme. There is no ‘one size fits all’ solution, but one approach is to keep the ‘data subject’ foremost in your mind rather than fixating on the most convenient solution for the business.