
Digital security and the IT Department cw500 M Skilton May 22 2014 London v1

“Data protection, privacy and the IT department – how to manage the proliferation of data in your organisation”

Hosted by Brian Glick, Editor-in-Chief Computer Weekly.

Speaker lineup

Mark Skilton, Professor of Practice Information Systems and Management at Warwick Business School
Mike Cope, IT Director at University College London
Keith Bucknall, Head of Strategy, Architecture & Infrastructure at Equity Insurance Group

The CW500 Club from Computer Weekly is a private members’ club for senior IT professionals and leading industry figures. Membership is by invitation only and allows access to premium content for IT leaders and a monthly networking event held at the Waldorf Hilton, Aldwych, London, WC2B 4DD.

Published in: Internet

  1. Prof. Mark Skilton, Professor of Practice, Information Systems Management, Warwick Business School, UK. m.r.skilton@warwick.ac.uk
  2. The rise of data - Digital economy. Growing 30% of business is shifting online to search and engage with consumers, markets and transactions, taking account of retail, mobile and impact on supply channels (1). 80% of transport, real estate and hotelier activity is processed through websites (2). Over 70% of companies and consumers are experiencing cyber-privacy challenges (3), (4). Prof Mark Skilton Copyright 2014
  3. The Digital Ecosystem: the digital media in social networks, mobile devices, sensors and the explosion of big data and cloud computing networks is interconnecting potentially everything everywhere – amounting to a new digital “ecosystem”.
  4. Cyber Privacy: a recent example.
  5. Cyber Security: a recent example.
  6. Things may not be what they appear. In cyber security: personas, impersonators, sales versus technical skills, service qualities, … What are you buying, using, who from?
  7. Cyber rights. Example viewpoints: rights are no longer national; erosion of privacy; instrumentality of key data of the workspace; globalization weakens everyone’s privacy.
  8. Age of the Information Panopticon. Elevation, section and plan of Jeremy Bentham's Panopticon penitentiary, drawn by Willey Reveley, 1791; Presidio Modelo prison, Cuba, 2005; Internet and social networks, 2014.
  9. PCST - Digital Security Strategy. Privacy, Trust, Confidentiality, Security. Mechanisms Tools Standards Optionality in / out (privacy, cookies, ..) Zone Boundary and Domain Policies Encryption & Access Monitoring Policies Assurance (Surveillance) Employment law Commercial Intellectual Property
  10. False dichotomies: Privacy ≠ Security; Zero sum game; Positive sum; Privacy and Security
  11. Privacy by Design. Privacy is “built in”:
       1. Proactive not Reactive; Preventative not Remedial
       2. Privacy as the Default Setting
       3. Privacy Embedded into Design
       4. Full Functionality — Positive-Sum, not Zero-Sum
       5. End-to-End Security — Full Lifecycle Protection
       6. Visibility and Transparency — Keep it Open
       7. Respect for User Privacy — Keep it User-Centric
      The debate is over what is Fair information practices (EU Commission, FTC Federal Trade Commission, FCC ….) (1) (2) (3) NYC School of Law, Berkeley Technology Law Review 2013, I&P Commissioner Ontario 2011
  12. Redefinition of Data in the Internet of things
  13. The Quantified Self & Quantified Life
  14. The rise of Digital Ecosystems: The “Smart Hotel”
  15. The rise of Digital Ecosystems
  16. The rise of Digital Ecosystems
  17. Role of IT Departments. Digital Non-Digital Physical Context Data Classification Individuals Communities Associations Access Authentication Authorization Boundaries / Domains Audit / Compliance Quality of Context Assurance Legal, Contractual, Political, Rights, Assertions, Privileges Commercial, IP, Copyright, Brand, Image, Reputation Privacy Trust Confidentiality Security Digital Cyber Strategy Technical Assurance SLA - Guarantees Non-Functional Functional Qualities DR + BC + Resilience Digital Cyber Strategy All actors, components, relationships Objects change Digital Risk Severe loss steady Recovery
  18. Role of the IT Department. Privacy, Trust, Confidentiality, Security: Digital Cyber Strategy
       • Level and control of data disclosure to unauthorized individuals, entities or processes
       • Level and control of data isolation
       • Level and control of individual or organization over access and use of personal data by a 3rd party
       • Level and control of authorization and restriction provided to an individual or 3rd party to use of personal data
       • Level and control of integrity and persistence of data – property of accuracy and completeness
       • Level of non-repudiation – ability to prove a claimed event or action and its originating entities
       • Level of conformity – fulfilment of a requirement
       • Level of IP – Intellectual Property containment and Identity Management
       • Level of monitoring and response action to planned or unplanned security incident (e.g. DDoS) – a process to determine the status of a system
       • Level of perimeterization
       • Level and control of authentication – provision of assurance that a claimed characteristic of an entity is correct
       • Level and control of authenticity – property that an entity is what it claims to be
  19. Data protection, privacy and the IT department – how to manage the proliferation of data in your organisation: Measuring cyber risk; Managing data security; Enabling innovation