Originally shared at the Gartner Data & Analytics Summit 2018 in Frankfurt, this presentation looks at the conflicts between privacy and machine learning, including common concerns such as link attacks and profiling. The presentation also explores strategies that allow usage of personal information while protecting privacy, including concepts around consent and analytical context and techniques for implementing privacy by design – a cornerstone of General Data Protection Regulation (GDPR) compliance.
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...Shawn Tuma
This presentation was delivered by Shawn E. Tuma, Cybersecurity and Data Privacy Attorney, at the January 27, 2017 meeting of (ISC)² Dallas Fort Worth Chapter.
This presentation was significantly updated from past presentations and included a discussion of the groundbreaking New York Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Services Companies.
The main points of this presentation are:
(1) Cybersecurity events create a crisis situation and should be treated as such;
(2) Cybersecurity incidents are as much legal events as they are IT or Business / Public Relations events;
(3) Companies must have a cybersecurity breach response plan in place and tested, in advance;
(4) While consumer class action data breach litigation is a significant threat to companies and their leadership, it is not as great of a threat as regulatory enforcement by agencies such as the FTC and SEC, or the shareholder derivative claims for officer and director liability; and
(5) The odds are that all company will be breached, but preparation and diligence can help minimize the likelihood that such a breach from being a catastrophic event.
This presentation addresses the role of attorneys as the first responders in leading their clients through cybersecurity and data loss crisis events. The discussion begins by looking at the risk business have of being the victim of a cybersecurity or data loss incident and examining the nature of such incidents and the crisis environment they create. Then, because of this crisis environment, the need for leadership in helping keep the parties calm, rational, and making deliberate, calculated decisions.
The discussion then explains why cybersecurity events are legal events and legal counsel is the natural leader that should fulfill this role and how they can do so. It will then discuss the process legal counsel will take, including assembling the key players in such an event, both internally and externally. It discusses the obligations for responding to such an event, the steps that must be taken, those that must be considered, and certain factors that go into the decision-making process. It briefly addresses the costs of such an incident and the liability issues that can arise from such an incident and failing to properly respond to the incident. This section includes a discussion of the cybersecurity lawsuit landscape, cybersecurity regulatory landscape, and the issue of cybersecurity-related officer and director liability stemming from shareholder derivative lawsuits based on cybersecurity incidents.
It concludes with a discussion of the steps that companies can take to prepare for and be in a better position to respond to and mitigate the negative repercussions of such an incident.
How'd we do in 2013 from a data breach perspective? As we close out the year, are the cupboards / budgets bare and will it be a lean holiday season? Or should we be budgeting a holiday celebration with all of the trappings and a sumptuous New Year?
Borrowing themes from the Charles Dickens holiday classic, this webinar will review industry statistics and other indicators to evaluate how we did in 2013 from a privacy breach and security incident response perspective. Will our mythical CSO and CPO get the Scrooge-like CFO to approve their budget increases? And what will 2014 hold from a security, privacy, and regulatory perspective? Register below to find out.
Our featured speakers for this Dickensian webinar will be:
- Ebenezer Scrooge, Chief Financial Officer, Acme Inc. played by Ted Julian, Chief Marketing Officer, Co3 Systems
- Bob Cratchit, Chief Privacy Officer, Acme Inc. played by Gant Redmon, General Counsel, Co3 Systems
- Tiny Tim, Chief Security Officer, Acme Inc. played by "Tiny" Tim Armstrong, Incident Response Specialist, Co3 Systems
Privacy in today’s connected world is an illusion. All of our transactional data, both online and real-world can be mined. If someone truly wanted access to your information, they could have it with relatively little effort. As a result, privacy has begun to be regarded as a luxury item. What are the risks associated with your behavior? Why are data breaches so prevalent? What can you do to protect yourself? In this presentation, I share subject matter expertise derived from data security research and project-specific cybersecurity trend analysis. I share some practices I’ve developed in an effort to be better educated personally and make more informed choices about my own behavior.
Cybersecurity Legal and Compliance Issues Business & IT Leaders Must Know -- ...Shawn Tuma
This presentation was delivered by Shawn E. Tuma, Cybersecurity and Data Privacy Attorney, at the January 27, 2017 meeting of (ISC)² Dallas Fort Worth Chapter.
This presentation was significantly updated from past presentations and included a discussion of the groundbreaking New York Department of Financial Services (NYDFS) Cybersecurity Requirements for Financial Services Companies.
The main points of this presentation are:
(1) Cybersecurity events create a crisis situation and should be treated as such;
(2) Cybersecurity incidents are as much legal events as they are IT or Business / Public Relations events;
(3) Companies must have a cybersecurity breach response plan in place and tested, in advance;
(4) While consumer class action data breach litigation is a significant threat to companies and their leadership, it is not as great of a threat as regulatory enforcement by agencies such as the FTC and SEC, or the shareholder derivative claims for officer and director liability; and
(5) The odds are that all company will be breached, but preparation and diligence can help minimize the likelihood that such a breach from being a catastrophic event.
This presentation addresses the role of attorneys as the first responders in leading their clients through cybersecurity and data loss crisis events. The discussion begins by looking at the risk business have of being the victim of a cybersecurity or data loss incident and examining the nature of such incidents and the crisis environment they create. Then, because of this crisis environment, the need for leadership in helping keep the parties calm, rational, and making deliberate, calculated decisions.
The discussion then explains why cybersecurity events are legal events and legal counsel is the natural leader that should fulfill this role and how they can do so. It will then discuss the process legal counsel will take, including assembling the key players in such an event, both internally and externally. It discusses the obligations for responding to such an event, the steps that must be taken, those that must be considered, and certain factors that go into the decision-making process. It briefly addresses the costs of such an incident and the liability issues that can arise from such an incident and failing to properly respond to the incident. This section includes a discussion of the cybersecurity lawsuit landscape, cybersecurity regulatory landscape, and the issue of cybersecurity-related officer and director liability stemming from shareholder derivative lawsuits based on cybersecurity incidents.
It concludes with a discussion of the steps that companies can take to prepare for and be in a better position to respond to and mitigate the negative repercussions of such an incident.
How'd we do in 2013 from a data breach perspective? As we close out the year, are the cupboards / budgets bare and will it be a lean holiday season? Or should we be budgeting a holiday celebration with all of the trappings and a sumptuous New Year?
Borrowing themes from the Charles Dickens holiday classic, this webinar will review industry statistics and other indicators to evaluate how we did in 2013 from a privacy breach and security incident response perspective. Will our mythical CSO and CPO get the Scrooge-like CFO to approve their budget increases? And what will 2014 hold from a security, privacy, and regulatory perspective? Register below to find out.
Our featured speakers for this Dickensian webinar will be:
- Ebenezer Scrooge, Chief Financial Officer, Acme Inc. played by Ted Julian, Chief Marketing Officer, Co3 Systems
- Bob Cratchit, Chief Privacy Officer, Acme Inc. played by Gant Redmon, General Counsel, Co3 Systems
- Tiny Tim, Chief Security Officer, Acme Inc. played by "Tiny" Tim Armstrong, Incident Response Specialist, Co3 Systems
Privacy in today’s connected world is an illusion. All of our transactional data, both online and real-world can be mined. If someone truly wanted access to your information, they could have it with relatively little effort. As a result, privacy has begun to be regarded as a luxury item. What are the risks associated with your behavior? Why are data breaches so prevalent? What can you do to protect yourself? In this presentation, I share subject matter expertise derived from data security research and project-specific cybersecurity trend analysis. I share some practices I’ve developed in an effort to be better educated personally and make more informed choices about my own behavior.
Automated Data Governance 101 - A Guide to Proactively Addressing Your Privac...DATAVERSITY
“Data privacy,” “data security,” “data protection” –
whatever we call the way we control our data, it isn’t working. Data is as
vulnerable as ever. And this is true for both consumers hoping to keep their
data safe, and for enterprises seeking to govern their corporate and customer
data.
We’re at a crossroads: Governing data and putting data to
use are two dueling objectives, and businesses are stuck in the middle.
Can this problem be solved? In a word: yes.
The answer is through what we call automated Data Governance, which introduces speed, agility, and precision into the process of applying rules on data. Join Immuta for a webinar as we explore these Data Governance challenges and discuss how you can proactively address them with automated Data Governance.
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
Today, balancing business opportunity and customer's data protection has become a difficult challenge. As technology, data sources and targeting abilities grow, so does the crucial need to respect user privacy and ensure a good data protection. But with laws, practices and definitions that are constantly evolving around the world, it can all seem a bit confusing.
Not sure where to start? Wondering how you can better align with privacy law? Then this webinar is for you.
While there is tendency to publicly acclaim GDPR as a wonderful advancement, the sad truth is that EU operators now need sophisticated techniques to extract at least part of the knowledge that is freely available in other Countries. One of the main tools is Data Anonymization. Full anonymization amounts to data destruction. But there are levels. What is actually required to be compliant? How different situations require different anonymization levels? How to measure?
Even though GDPR is a European Union regulation, it impacts any company with customers in that region. One of the first key tasks of the data management team should be to create awareness regarding the impact of GDPR on the business with all key stakeholders across the organization. In order to generate awareness, organizations need to have clearly defined documentation defining the policies, rules, requirements and the impact of non-compliance. Kim Brushaber will look at what is involved with GDPR, what you should be concerned with, and how to get the conversation started between the business and technical teams within your organization using ER/Studio.
Age Friendly Economy - Legislation and Ethics of Data UseAgeFriendlyEconomy
Upon completion of this module you will:
- Be able to recognize the necessity of regulating big data
- Understand the difference between privacy and data protection
- Know how to implement actions of data protection into your own (future) company
Duration of the module: approximately 1 – 2 hours
Internet of Things With Privacy in MindGosia Fraser
Short presentation on privacy and data protection issues related to rapid development of Internet of Things, prepared for Privacy Lab hosted by Mozilla London
TrustUX: balancing personalisation and privacy to create understanding and tr...Ann Wuyts
Sources list: http://www.keek.be/2015/trustux-sources/ (Stats, Quotes, ..)
A talk about ux, trust and privacy - and how these are becoming increasing important in human-computer interaction. This connection we have with our smart-everythings, it is no longer merely about exchanging data back and forth. Our connection with computers now does revolve around values which we normally find in human-to-human relationships: understanding and trust.
We humans expect that these machines do the computing effort to understand us; smart personalisation.We also expect that we can trust these machines – and the companies behind them - to keep what they learn about us to themselves. We expect them to respect our privacy. Our security.
And as designers, we need to deliver great, personal experiences. We also need to deliver trustworthy products. We owe it to both our users and the people who hire us to actively think about privacy, and to implement privacy in the flows and designs we deliver.
Digital Transformation and Data ProtectionSerter Ozturk
This expedited timeline has created vehicles with advanced capabilities but few protections!
Governments are very sensitive about car safety and cyber security issues. For 2017, connectivity is already prioritized on lawmakers’ agendas. It is obvious that the automotive industry’s growth trajectory does not leave much time for reflection.
Data privacy and cybersecurity will become a strong selling point for car buyers. The key will be providing a smooth communication in an easy to understand way despite such protective features.
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
More Related Content
Similar to Can Privacy Exist with Machine Learning? Presentation from Gartner Data & Analytics Summit 2018
Automated Data Governance 101 - A Guide to Proactively Addressing Your Privac...DATAVERSITY
“Data privacy,” “data security,” “data protection” –
whatever we call the way we control our data, it isn’t working. Data is as
vulnerable as ever. And this is true for both consumers hoping to keep their
data safe, and for enterprises seeking to govern their corporate and customer
data.
We’re at a crossroads: Governing data and putting data to
use are two dueling objectives, and businesses are stuck in the middle.
Can this problem be solved? In a word: yes.
The answer is through what we call automated Data Governance, which introduces speed, agility, and precision into the process of applying rules on data. Join Immuta for a webinar as we explore these Data Governance challenges and discuss how you can proactively address them with automated Data Governance.
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
Today, balancing business opportunity and customer's data protection has become a difficult challenge. As technology, data sources and targeting abilities grow, so does the crucial need to respect user privacy and ensure a good data protection. But with laws, practices and definitions that are constantly evolving around the world, it can all seem a bit confusing.
Not sure where to start? Wondering how you can better align with privacy law? Then this webinar is for you.
While there is tendency to publicly acclaim GDPR as a wonderful advancement, the sad truth is that EU operators now need sophisticated techniques to extract at least part of the knowledge that is freely available in other Countries. One of the main tools is Data Anonymization. Full anonymization amounts to data destruction. But there are levels. What is actually required to be compliant? How different situations require different anonymization levels? How to measure?
Even though GDPR is a European Union regulation, it impacts any company with customers in that region. One of the first key tasks of the data management team should be to create awareness regarding the impact of GDPR on the business with all key stakeholders across the organization. In order to generate awareness, organizations need to have clearly defined documentation defining the policies, rules, requirements and the impact of non-compliance. Kim Brushaber will look at what is involved with GDPR, what you should be concerned with, and how to get the conversation started between the business and technical teams within your organization using ER/Studio.
Age Friendly Economy - Legislation and Ethics of Data UseAgeFriendlyEconomy
Upon completion of this module you will:
- Be able to recognize the necessity of regulating big data
- Understand the difference between privacy and data protection
- Know how to implement actions of data protection into your own (future) company
Duration of the module: approximately 1 – 2 hours
Internet of Things With Privacy in MindGosia Fraser
Short presentation on privacy and data protection issues related to rapid development of Internet of Things, prepared for Privacy Lab hosted by Mozilla London
TrustUX: balancing personalisation and privacy to create understanding and tr...Ann Wuyts
Sources list: http://www.keek.be/2015/trustux-sources/ (Stats, Quotes, ..)
A talk about ux, trust and privacy - and how these are becoming increasing important in human-computer interaction. This connection we have with our smart-everythings, it is no longer merely about exchanging data back and forth. Our connection with computers now does revolve around values which we normally find in human-to-human relationships: understanding and trust.
We humans expect that these machines do the computing effort to understand us; smart personalisation.We also expect that we can trust these machines – and the companies behind them - to keep what they learn about us to themselves. We expect them to respect our privacy. Our security.
And as designers, we need to deliver great, personal experiences. We also need to deliver trustworthy products. We owe it to both our users and the people who hire us to actively think about privacy, and to implement privacy in the flows and designs we deliver.
Digital Transformation and Data ProtectionSerter Ozturk
This expedited timeline has created vehicles with advanced capabilities but few protections!
Governments are very sensitive about car safety and cyber security issues. For 2017, connectivity is already prioritized on lawmakers’ agendas. It is obvious that the automotive industry’s growth trajectory does not leave much time for reflection.
Data privacy and cybersecurity will become a strong selling point for car buyers. The key will be providing a smooth communication in an easy to understand way despite such protective features.
The objective of this module is to gain an overview of the ethics surrounding big data and the legislation that governs it.
Upon completion of this module you will:
- Gain knowledge on how to recognize the necessity of regulating big data
- Obtain an understanding of the difference between privacy and data protection
- Understand the need to implement data protection actions into your own business
Similar to Can Privacy Exist with Machine Learning? Presentation from Gartner Data & Analytics Summit 2018 (20)
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
13. GDPR Article 4(1):
'personal data' means any information relating to an identified or identifiable
natural person ('data subject'); an identifiable natural person is one who can be
identified, directly or indirectly, in particular by reference to an identifier such as
a name, an identification number, location data, an online identifier or to one or
more factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that natural person;
27. Towards Practical Differential Privacy for SQL Queries
Johnson, Near, Song, Aug 2017
The Internal study
of queries at Uber
• SQL queries written by
employees at Uber
• 8.1 million queries executed
between March 2013 and
August 2016
• Broad range of sensitive data
including rider and driver
information, trip logs, and
customer support data
27
28. 34% of Uber Data Science
Queries are aggregates
Statistical queries matter!