Secunoid Systems Inc.
http://www.secunoid.com
Sarakinov Consulting Inc.
https://sarakinovconsulting.com
Shahid Sharif
Cyber Security: Privacy &
Blockchain Perspective
Goni Sarakinov
Disclaimer & License
Disclaimer
The views and opinions expressed in this presentation are those of the authors. They do not purport to reflect the policies,
views, opinions or positions of any other agency, entity, organization, employer or company.
License
This presentation is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0).
You are free to:
• Share: copy and redistribute the material in any medium or format
• Adapt: remix, transform, and build upon the material for any purpose, even commercially
• Under the following terms of Attribution: You must give appropriate credit, provide a link to the license, and indicate if
changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor
endorses you or your use.
License details: https://creativecommons.org/licenses/by/4.0/legalcode
Topics
• Intro
• Privacy Overview
• What is Private Data?
• Privacy by jurisdiction (We will focus on Canada, the EU and the USA)
• Privacy Considerations
• Conclusion
• Q&A
Bios
Shahid Sharif
CCSK, CISA, CISSP, CRISC, CSSP, PCIP, PMP
IT Security professional with over 20 years of experience in various
industries in different roles. Some of the highlights include:
• Application Security Assessments
• Security Architecture advisory pertaining to Mobile Devices,
Networks, Applications, & Systems
• Extensive experience in managing and supporting audits related
to PCI-DSS, SSAE16, CSAE3416, 5025, SOC2, and SOX
• In-depth knowledge and experience in implementing
Governance, Risk, & Compliance and supporting frameworks like
COBIT 5, NIST, ISO, etc.
• Extensive experience in creating procedures, policies and
standards
• In-depth knowledge of Business Continuity Management, which
includes BCP, DRP, and Crisis Management.
• Private/Public Blockchain technologies
LinkedIn: https://www.linkedin.com/in/shahidsharif/
Goni Sarakinov
SCF, CISSP, CIPM, CIPT
CEO, Sarakinov Consulting Inc., and Director of Information
Security & Privacy at Libra Enterprises, Inc.; a SABSA
Chartered Security Architect, Certified Information Systems
Security Professional (CISSP), Certified Information Privacy
Manager (CIPM) and Certified Information Privacy
Technologist (CIPT). Over 20 years’ experience advising
both public and private sector organizations on identifying,
developing and deploying solutions to address privacy
regulations in Canada, the USA and the EU, and on planning and
rolling out successful programs encompassing information security and
privacy capabilities.
LinkedIn: https://www.linkedin.com/in/gonisarakinov
Useful Links
● Slide deck
○ GitHub: https://github.com/secunoid/presentations
○ SlideShare: https://www.slideshare.net/ShahidSharif4
● Awareness training
○ https://sarakinovconsulting.com/wp/services-grid/training
Privacy Overview
From the International Association of Privacy Professionals
(IAPP):
“Privacy is the right to be let alone, or freedom from
interference or intrusion. Information Privacy is the right to
have some control over how your personal information is
collected and used.”
In Canada the Personal Information Protection and Electronic
Documents Act (PIPEDA):
“Personal information includes any factual or subjective
information, recorded or not, about an identifiable individual”
Jurisdictions
The jurisdiction in which you are doing business matters, for example:
• In Canada the Personal Information Protection and Electronic Documents Act (PIPEDA)
• A recent update, the Digital Privacy Act, added new requirements, particularly:
• Reporting of breaches is mandatory starting November 1st, 2018
• Businesses have to keep a record of *ALL* breaches (whether PII is leaked or not) for 2 years
• Fines have been introduced, up to $100,000 per breach
• Some provinces have privacy legislation that has been deemed similar, for example Quebec, Alberta, British
Columbia
• The European Union General Data Protection Regulation (GDPR)
• The United States of America does not have comprehensive federal data protection legislation, instead:
• Every business is subject to privacy legislation at the Federal and/or State level.
• Some States are more active, particularly California
• California passed the California Consumer Privacy Act this summer (2018) to take effect in 2020
• It provides protection for consumers' data online and is similar to the EU GDPR
Some examples of Private Data
PIPEDA
● Age
● Name
● ID numbers
● Medical records
● Income
● Ethnic origin
● Opinions
● Evaluations
● Comments
● Social status, or disciplinary actions
● Employee files
● Financial records
GDPR
● Personal Data - Ability to identify an
individual from the data
○ IP Address
○ Email address
○ Address
○ etc.
● Special categories of Personal Data
○ Date of birth
○ Religion
○ Gender
○ Personal lifestyle/affiliations
○ Genetic
○ Race
○ Ethnicity
○ Health, etc.
EU GDPR-1/2
GDPR stands for General Data Protection Regulation. It is a regulation in EU
law on data protection and privacy of European Citizens residing in the European
Union. It has a global reach with tough sanctions for non-conformance. It is all
about providing assurances and rights to EU Citizens residing in the EU, whose data
is being collected by businesses to deliver a service or product.
• It evolved from the Data Protection Directive, which came out in 1995
• Adopted in April 2016 with a two-year grace period, it came into effect in mid-2018
• Addresses modern use of data
• Respects the individual’s right to their personal data
GDPR-2/2
The French Data Protection Supervisory Authority (the CNIL) is one of the first to
publish initial thoughts on blockchain and GDPR compatibility. They covered 4
topics:
1. What solutions for a responsible use of Blockchain involving personal data?
2. How to minimize risk for data subjects when the processing of their data relies
on a blockchain?
3. How to ensure the effective exercise of the data subjects’ rights?
4. What are the security requirements?
Blockchain Strengths
• Note that not all data on a blockchain is encrypted; however, data encryption
can more easily be made a default.
• Another advantage is that data can be processed without the use of a key.
• Because data on the blockchain is encrypted and split up, getting access is
more complex – a malicious actor needs to decrypt all the blocks that the
data is spread over, which use different algorithms for their security.
• Blockchain also has stronger verification controls than traditional models.
• Blockchain use for authenticating identity is particularly high.
• Allows for higher quality of data that is complete, consistent and accurate (for
example, PIPEDA calls for maintaining the accuracy of records)
Blockchain Weaknesses
● Where Blockchain fails is in areas that are considered critical for privacy –
access controls and data destruction
● Access is either all or nothing – i.e. access is public for public blockchains or
permissions are given to select groups of entities on permissioned
blockchains
● Even on permissioned blockchains it is not possible to limit access to a part of
the blockchain; entities with access would have access to the whole blockchain
● Once data is on the blockchain it is not possible to destroy it
● It is also not possible for users who interact with the data to remain
anonymous – once data is on the blockchain it’s there forever
Private & Public Blockchains
• Consortiums (Private Blockchains) could rely on off-chain compensating
controls to address Confidentiality issues, as part of Consortium Governance.
• Public blockchains currently lack the controls required to provide
forward-looking Confidentiality requirements, and any data stored in a public
blockchain could be considered to be at risk and potentially exposed in the
future.
• A review of use cases, either in public or consortium domains, would reveal
that Database technology is not challenged by blockchain technology when
considering confidentiality and data retention requirements.
Data Classification
● Consideration should be placed on the classification of the data (all of the
data that the business will be handling), specifically around the inclusion of
data elements that require High Confidentiality. For example, this can be
Personally Identifiable Information (PII) or business sensitive:
• Customer information
• Employee information
• Intellectual Property
● Public and Consortium Blockchains may not be suitable for sharing data
across parties, when the data needs to remain confidential to those
parties.
Data Protection-1/2
• Storing or managing data requires that you pay attention to data security
requirements. Not doing so could lead to a misapplication of blockchain
technology.
• Use of blockchain technology for storing PII is strongly discouraged, as
it is not likely to comply with evolving privacy legislation:
• Once the data is shared, it cannot be unshared
• Data encryption, as a confidentiality control, is exposed to technology obsolescence
• Data that has been shared, and protected with current encryption standards, could
be exposed in the future
• Current technologies don’t address data retention requirements
• Data stored in a blockchain is immutable and can’t be updated as per new
encryption standards
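An added example, not part of the original deck: a toy hash-chained ledger in Python showing why a record written into a block cannot be destroyed without breaking verification, and how keeping PII off-chain with only a salted commitment on-chain lets the record itself be erased. The commitment pattern is assumed here as one possible off-chain compensating control; all function names, the reference ID and the sample record are constructed for illustration.

```python
"""Toy hash-chained ledger (constructed for illustration, not a real blockchain client)."""
import hashlib
import json
import os

GENESIS = "0" * 64


def block_hash(index, prev_hash, payload):
    """Hash a block's contents; any change to the payload changes the hash."""
    body = json.dumps({"index": index, "prev": prev_hash, "payload": payload},
                      sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


def append(chain, payload):
    """Append a block that commits to the previous block's hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    index = len(chain)
    chain.append({"index": index, "prev": prev, "payload": payload,
                  "hash": block_hash(index, prev, payload)})


def verify(chain):
    """Recompute every hash and link, as any other node would."""
    prev = GENESIS
    for i, block in enumerate(chain):
        expected = block_hash(i, prev, block["payload"])
        if block["index"] != i or block["prev"] != prev or block["hash"] != expected:
            return False
        prev = block["hash"]
    return True


def commit(record, salt):
    """Salted SHA-256 commitment to a record that lives off-chain."""
    encoded = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(salt + encoded).hexdigest()


def erase_on_chain_pii():
    """Design A: PII written directly into a block.

    Returns (valid_before, valid_after_erasure).
    """
    chain = []
    append(chain, {"name": "Alice Example", "email": "alice@example.com"})  # constructed
    append(chain, {"event": "consent-recorded"})
    before = verify(chain)
    # Honour an erasure request by overwriting the payload in place.
    chain[0]["payload"] = {"name": "[erased]", "email": "[erased]"}
    # The stored hash no longer matches; recomputing it would break block 1's link.
    return before, verify(chain)


def erase_off_chain_pii():
    """Design B: PII in an ordinary deletable store, only a commitment on-chain.

    Returns (provable_before, chain_valid_after, record_still_stored).
    """
    chain, off_chain = [], {}
    ref = "ref-7f3a"  # opaque, constructed reference; carries no identity itself
    record = {"name": "Alice Example", "email": "alice@example.com"}  # constructed
    salt = os.urandom(16)  # per-record salt blocks guessing the record from the hash
    off_chain[ref] = {"record": record, "salt": salt}
    append(chain, {"ref": ref, "commitment": commit(record, salt)})
    append(chain, {"event": "consent-recorded"})
    # While the record exists, its holder can prove it matches the ledger.
    provable = commit(**off_chain[ref]) == chain[0]["payload"]["commitment"]
    # Erasure request: destroy the record and its salt; the chain is untouched.
    del off_chain[ref]
    return provable, verify(chain), ref in off_chain


if __name__ == "__main__":
    print("on-chain PII  (valid before, valid after erase):", erase_on_chain_pii())
    print("off-chain PII (provable, chain valid, still stored):", erase_off_chain_pii())
```

Whether the commitment left on the chain still counts as personal data is a question for the applicable jurisdiction.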
Data Protection-2/2
• The jurisdiction where you will be deploying or using blockchain
technology may have privacy requirements and/or recommendations that
relate to the use of blockchain technology.
Conclusion
• Requirements, Requirements, Requirements
• Know the laws of the Jurisdictions you will be targeting
• Know what data you are collecting
• Know why you are collecting the data
• Know how long you can keep the data
• Document the design
Hint: Consult with qualified Privacy & Security SMEs if you need help.
Thank You!
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-public

  • 1. Secunoid Systems Inc. http://www.secunoid.com Sarakinov Consulting Inc. https://sarakinovconsulting.com Shahid Sharif Cyber Security: Privacy & Blockchain Perspective Goni Sarakinov
  • 2. Disclaimer & License. Disclaimer: The views and opinions expressed in this presentation are those of the authors. They do not purport to reflect the policies, views, opinions or positions of any other agency, entity, organization, employer or company. License: This presentation is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0). You are free to: • Share, copy and redistribute the material in any medium or format • Adapt, remix, transform, and build upon the material for any purpose, even commercially • Under the following terms of Attribution: You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. License details: https://creativecommons.org/licenses/by/4.0/legalcode
  • 3. Topics • Intro • Privacy Overview • What is Private Data? • Privacy by jurisdiction (We will focus on Canada, the EU and the USA) • Privacy Considerations • Conclusion • Q&A
  • 4. Bios. Shahid Sharif, CCSK, CISA, CISSP, CRISC, CSSP, PCIP, PMP: IT Security professional with over 20 years of experience in various industries in different roles. Some of the highlights include: • Application Security Assessments • Security Architecture advisory pertaining to Mobile Devices, Networks, Applications, & Systems • Extensive experience in managing and supporting audits related to PCI-DSS, SSAE16, CSAE3416, 5025, SOC2, and SOX • In-depth knowledge and experience on implementing Governance, Risk, & Compliance and supporting frameworks like COBIT 5, NIST, ISO, etc. • Extensive experience in creating procedures, policies and standards • In-depth knowledge of Business Continuity Management, which includes BCP, DRP, and Crisis Management • Private/Public Blockchain technologies. LinkedIn: https://www.linkedin.com/in/shahidsharif/ Goni Sarakinov, SCF, CISSP, CIPM, CIPT: CEO, Sarakinov Consulting Inc., Director of Information Security & Privacy at Libra Enterprises, Inc. is a SABSA Chartered Security Architect, Certified Information System Security Professional (CISSP), Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Technologist (CIPT). Over 20 years’ experience on advising both public and private sector organizations on identifying, developing and deploying solutions to address privacy regulations in Canada, USA and EU, plan and roll-out successful programs encompassing information security and privacy capabilities. LinkedIn: https://www.linkedin.com/in/gonisarakinov
  • 5. Useful Links ● Slide deck ○ GitHub: https://github.com/secunoid/presentations ○ SlideShare: https://www.slideshare.net/ShahidSharif4 ● Awareness training ○ https://sarakinovconsulting.com/wp/services-grid/training
  • 6. Privacy Overview. From the International Association of Privacy Professionals (IAPP): “Privacy is the right to be let alone, or freedom from interference or intrusion. Information Privacy is the right to have some control over how your personal information is collected and used.” In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA): “Personal information includes any factual or subjective information, recorded or not, about an identifiable individual”
  • 7. Jurisdictions. The jurisdiction in which you are doing business matters, for example: • In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) • A recent update, the Digital Privacy Act, added new requirements, particularly: • Reporting of breaches is mandatory starting November 1st, 2018 • Businesses have to keep a record of *ALL* breaches (whether PII is leaked or not) for 2 years • Fines have been introduced, up to $100,000 per breach • Some provinces have privacy legislation that has been deemed similar, for example Quebec, Alberta, British Columbia • The European Union General Data Protection Regulation (GDPR) • The United States of America does not have comprehensive federal data protection legislation; instead: • Every business is subject to privacy legislation at the Federal and/or State level • Some States are more active, particularly California • California passed the California Consumer Privacy Act this summer (2018), to take effect in 2020 • It provides protection for consumers' data online and is similar to the EU GDPR
  • 8. Some examples of Private Data. PIPEDA ● Age ● Name ● ID numbers ● Medical records ● Income ● Ethnic origin ● Opinions ● Evaluations ● Comments ● Social status, or disciplinary actions ● Employee files ● Financial records. GDPR ● Personal Data - Ability to identify an individual from the data ○ IP Address ○ Email address ○ Address ○ etc. ● Special categories of Personal Data ○ Date of birth ○ Religion ○ Gender ○ Personal lifestyle/affiliations ○ Genetic ○ Race ○ Ethnicity ○ Health, etc.
  • 9. EU GDPR-1/2. GDPR stands for General Data Protection Regulation. It is a regulation in EU law on data protection and privacy of European Citizens residing in the European Union. It has a global reach, with tough sanctions for non-conformance. It is all about providing assurances and rights to EU Citizens residing in the EU whose data is being collected by businesses to deliver a service or product. • It has evolved from the Data Protection Directive, which came out in 1995 • Adopted in April 2016 with a two-year grace period, which came into effect in mid 2018 • Addresses modern use of data • Respects the individual’s right to their personal data
  • 10. GDPR-2/2. The French Data Protection Supervisory Authority (the CNIL) is one of the first to publish initial thoughts on blockchain and GDPR compatibility. They covered 4 topics: 1. What solutions for a responsible use of Blockchain involving personal data? 2. How to minimize risk for data subjects when the processing of their data relies on a blockchain? 3. How to ensure the effective exercise of the data subjects’ rights? 4. What are the security requirements?
  • 12. Blockchain Strengths • Note that not all data on a blockchain is encrypted; however, data encryption can more easily be made a default. • Another advantage is that data can be processed without the use of a key. • Because data on the blockchain is encrypted and split up, getting access is more complex – the malicious actor needs to decrypt all the blocks that the data is spread over, which use different algorithms for their security. • Blockchain also has stronger verification controls than traditional models. • Blockchain use for authenticating identity is particularly high. • Allows for higher quality of data that is complete, consistent and accurate (for example, PIPEDA calls for maintaining the accuracy of records)
  • 13. Blockchain Weaknesses ● Where Blockchain fails is in areas that are considered critical for privacy – access controls and data destruction ● Access is either all or nothing – i.e. access is public for public blockchains, or permissions are given to select groups of entities on permissioned blockchains ● Even on permissioned blockchains it is not possible to limit access to a part of the blockchain; those entities would have access to the whole blockchain ● Once data is on the blockchain it is not possible to destroy it ● It is also not possible for users who interact with the data to remain anonymous – once data is on the blockchain it’s there forever
  • 14. Private & Public Blockchains • Consortiums (Private Blockchains) could rely on off-chain compensating controls to address Confidentiality issues, as part of Consortium Governance. • Public blockchains currently lack the controls required to provide forward-looking Confidentiality requirements, and any data stored in a public blockchain could be considered to be at risk and potentially exposed in the future. • A review of use cases, either in public or consortium domains, would reveal that Database technology is not challenged by blockchain technology when considering confidentiality and data retention requirements.
  • 15. Data Classification ● Consideration should be placed on the classification of the data (all of the data that the business will be handling), specifically around the inclusion of data elements that require High Confidentiality. For example, this can be Personally Identifiable Information (PII) or business sensitive: • Customer information • Employee information • Intellectual Property ● Public and Consortium Blockchains may not be suitable for sharing data across parties when the data needs to remain confidential to those parties.
  • 16. Data Protection-1/2 • Storing or managing data requires that you pay attention to data security requirements. Not doing so could lead to a misapplication of blockchain technology. • Use of blockchain technology for storing PII is strongly discouraged, as it is not likely to comply with evolving privacy legislation: • Once the data is shared, it cannot be unshared • Data encryption, as a confidentiality control, is exposed to technology obsolescence • Data that has been shared, and protected with current encryption standards, could be exposed in the future • Current technologies don’t address data retention requirements • Data stored in a blockchain is immutable and cannot be updated as per new encryption standards
  • 17. Data Protection-2/2 • Depending on the jurisdiction where you will be deploying or using blockchain technology, there may be privacy requirements and/or recommendations that relate to the use of blockchain technology.
  • 18. Conclusion • Requirements, Requirements, Requirements • Know the laws of the Jurisdictions you will be targeting • Know what data you are collecting • Know why you are collecting the data • Know how long you can keep the data • Document the design. Hint: Consult with qualified Privacy & Security SMEs if you need help.
  • 20. Thank You!
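
Added example (not part of the original slides): a minimal hash-chained ledger in Python that illustrates the "once data is on the blockchain it is not possible to destroy it" point from the Blockchain Weaknesses and Data Protection slides. The ledger layout, function names and sample records are constructed for illustration and do not model any specific blockchain product.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # assumed placeholder "previous hash" for the first block


def block_hash(index, prev_hash, payload):
    """SHA-256 over a canonical JSON encoding of the block contents."""
    body = json.dumps({"index": index, "prev": prev_hash, "payload": payload},
                      sort_keys=True).encode()
    return hashlib.sha256(body).hexdigest()


def build_chain(payloads):
    """Link each block to its predecessor through the predecessor's hash."""
    chain, prev = [], GENESIS_PREV
    for i, payload in enumerate(payloads):
        h = block_hash(i, prev, payload)
        chain.append({"index": i, "prev": prev, "payload": payload, "hash": h})
        prev = h
    return chain


def first_invalid(chain):
    """Return the index of the first block that fails verification, else None."""
    prev = GENESIS_PREV
    for b in chain:
        if b["prev"] != prev or block_hash(b["index"], b["prev"], b["payload"]) != b["hash"]:
            return b["index"]
        prev = b["hash"]
    return None


def erase_payload(chain, index):
    """Naive erasure: blank one payload in a copy and leave the hashes alone."""
    edited = [dict(b) for b in chain]
    edited[index]["payload"] = {"erased": True}
    return edited


def erase_and_rehash(chain, index):
    """Erase and recompute hashes; return (new chain, count of changed block hashes)."""
    payloads = [b["payload"] for b in chain]
    payloads[index] = {"erased": True}
    rebuilt = build_chain(payloads)
    changed = sum(1 for old, new in zip(chain, rebuilt) if old["hash"] != new["hash"])
    return rebuilt, changed


# Constructed sample records; block 1 carries PII of the kind listed on slide 8.
SAMPLE_PAYLOADS = [
    {"event": "consortium created"},
    {"name": "Jane Example", "email": "jane@example.com"},
    {"event": "shipment 1001 received"},
    {"event": "shipment 1002 received"},
    {"event": "invoice 77 settled"},
]

if __name__ == "__main__":
    chain = build_chain(SAMPLE_PAYLOADS)
    print("original chain valid:", first_invalid(chain) is None)
    print("naive erasure breaks block:", first_invalid(erase_payload(chain, 1)))
    rebuilt, changed = erase_and_rehash(chain, 1)
    print("blocks rehashed to stay consistent:", changed)
    print("tip hash still matches other copies:", rebuilt[-1]["hash"] == chain[-1]["hash"])
```

Erasing one record either fails verification at that block or forces every later block to be rehashed, which produces a tip that no longer matches the copies held by other participants.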