Thales - LED and DP from a Vendor's Perspective

•

0 likes•198 views

techUK

Presentations on How Will Policing and Justice Be Affected By the Data Protection Bill? event held on 14 November

Technology

www.thalesesecurity.com
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
‘Life’s a breach!’
LED and DP from a Vendor’s
perspective

2
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
https://www.youtube.com/watch?v=18NiLtL
M78g

3
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Level set and reality check

4
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Verracity, velocity and the victim
Ransomware
Threat analysis
Predict and prepare

5
This document may not be reproduced, modified , adapted, published, translated,
in any way , in whole or in part or disclosed to a third party without prior written
consent of Thales - Thales © 2016 All rights reserved.
THALES GROUP INTERNAL
The changing and challenging world…

6
This document may not be reproduced, modified , adapted, published, translated,
in any way , in whole or in part or disclosed to a third party without prior written
consent of Thales - Thales © 2016 All rights reserved.
THALES GROUP INTERNAL
Last 2 years…
£80,000
£150,000
£150,000
Mobile phone personal
data
External email of
sensitive list
Lost un-encrypted
CD’s

7
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
View from a Vendor’s lense…

8
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Select Solutions that Address Key DP Requirements
▌ Data encryption
File, database and application-level encryption
for data at rest
Network encryption for data in motion
▌ Trust & Identity management
Privileged user access management and strong authentication ensure that only
authorized users and devices can access personal data
▌ Strong key protection & management
Encryption key protection based on industry best practices

9
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
attempted a read
and was denied access
Admin Dirk Snowman imitated user steve
this file because he violated the policy

10
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Underpin everything with strong KP & M
▌ Key protection & management
Encryption key protection based on industry best practices
- FIPS-certified security
- Tamper-resistant hardware
- Automated key lifecycle & replacement
- Centralized management of encryption keys
and policies
- Consolidated key management DB’s, Oracle and Microsoft SQL
Server
Hardware Security Modules
Security Manager Platform

11
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
SaaS
(Key Management)
Public Cloud
Cloud Service Providers
Be flexible and use the Cloud
CSP
Types
• ASP
• HSP
• MSP
• MSS
P
• IaaS
• PaaS

12
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Key Management Integration with Cloud Providers
▌ Control is Critical
Customers need to maintain control of their data in the cloud. Controlling encryption keys is
critical to controlling risk
▌ Single Pane of Glass Mitigates Risk
Enterprise are Looking for Single Pane of Glass to govern all of their enterprise keys
▌ Compliance Mandates Need to Be Addressed
Internal and External Compliance Mandates Required Added Security to Existing CSP Key
Management Services
▌ Business Continuity by Tight Integration with Cloud Service Providers
Define and control key management lifecycle processes that tightly integrate with the CSPs
security protocols to ensure data security process compliance without impacting business
productivity.

13
This document may not be reproduced, modified, adapted, published, translated,
in any way, in whole or in part, or disclosed to a third party without prior written
consent of Thales - Thales © 2017 All rights reserved.
OPEN
THALES GROUP INTERNAL
THALES GROUP CONFIDENTIAL
THALES GROUP SECRET
Thanks very much
Jules
07817 832167
Julian.anderson@thales-esecurity.com

"As you set out to scale your business, the leadership team has address a range of critical topics such as: - develop and formulate your culture – and maintain it as you grow create and implement a clear planning & management framework that ensures all functions are aligned hire, enable, develop and maintain a world-class team build a predictable and effective revenue generating “machine” make your customers successful and turn them into vocal fans Learn from successes – and failures – accumulated at Postini/Google, Symantec (integrating MessageLabs), DocuSign, Okta, Siteimprove and Keepit and leave armed with the key things to be aware of as you begin to innovate & execute on multiple dimensions in order to scale quickly and profitably.

Developing a Security Policy That Will Survive

digitallibrary

The beginning of a sound information system security program is the development of a security policy document that will help protect the organization�s assets and reputation. Often, the policy is written and placed on the shelf to be admired, but is not implemented, enforced or maintained. Not having a security policy today is a legal liability for any corporation, but what about policies that are written, and then never enforced? This presentation explores the life-cycle and methodology for successful security policy development, implementation, maintenance, and continued enforcement. Coordination with executive management, information system users, legal counsel, and security professionals are all part of the success model. Learn specific activities that have been used in the field to establish the security policy as part of the organization�s framework for operation and how to revive or rework existing policy that has not been implemented.

ITILHazem Ismaeel

10 Good Reasons: NetApp for Data Protection

NetApp

9i R2 ChecklistLiquidHub

Seclore Advantage Channel Program

Seclore

Most organizations are focused on building protection around their enterprise networks, devices and applications. But what if an employee downloads sensitive product roadmap details, or customer data, before resigning from the company? Seclore’s data-centric security solution helps your customers address the growing risks of data breaches and leaks, by protecting the data itself. No matter where or how information travels or is stored, it remains protected. And Seclore also solves key regulatory compliance issues many customers are facing with GDPR, PCI-DSS, and NIST

The New Normal: Dealing with the Reality of an Unsecure World

Eric Kavanagh

Hot Technologies with Dr. Robin Bloor, Dez Blanchfield and IDERA The data is staggering: breaches of epic proportion continue to rock the business world. Massive amounts of personal information have been hacked, then sold to all manner of bad actors. Another wave of attacks is on the way, in which those stolen IDs will be used to compromise any corporate system that can be found. What can your organization do? Register for this episode of Hot Technologies to hear veteran Analyst Dr. Robin Bloor and Data Scientist Dez Blanchfield explain why security and compliance have entered a whole new era, and why innovative approaches are necessary to mitigate risk. They'll be briefed by Ignacio Rodriguez of IDERA, who will demonstrate how the company's SQL Secure can help organizations stay one step ahead of the bad guys, while also facilitating compliance audits.

Addressing Security and Provide through IHE Profiles

Massimiliano Masi

Thales e-Security + Vormetric have combined to form the leading global data protection and digital trust management company. Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual, and cloud environments. By deploying our leading solutions and services, targeted attacks are thwarted and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost. Thales e-Security and Vormetric are part of Thales Group. www.thales-esecurity.com.

GDPR Fast Start

Delphix

Scrum at Scale at THALES

Cesario Ramos

TLS State of the Union

Sander Temme

Agile Mumbai 2022 - Saikat Prabhakar | AI-driven TestOps : A Need or Necessit...

AgileNetwork

Is Your Hadoop Environment Secure?

Datameer

How do you protect the data in big data analytics projects? As big data initiatives focus on volume, velocity or variety of data, often overlooked in the big data project is the security of the data. This is especially important for financial services, healthcare and government or anytime sensitive data is analyzed. This webinar highlights: *Hadoop security landscape *Hadoop encryption, masking, and access control *Customer examples of securing hadoop environments

Oracle Netsuite - How Cloud Software Drives Innovation and Growth

Smith & Williamson

Culture shock? Academia vs industry

Jisc

Cloud payments (HCE): a simpler step with Thales HSMs

Thales e-Security

Deploying a cloud payment (HCE) solution can be a daunting and complex task. Cryptographic and key management requirements don't have to be something to slow down your project. At Thales e-Security we have been at the forefront of designing solutions to reduce the complexity of cryptographic security and implementation, helping organisations rapidly bring solutions to market. This slidedeck explains the key management requirements of the various schemes' specifications, and explains how using Thales HSMs can shorten your development cycle and allow you to rapidly bring your product to market. Or why not listen to the webcast: https://www.thales-esecurity.com/knowledge-base/webcasts/cloud-payments-made-simpler-with-thales-hsms

CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries

NowSecure

Originally Presenter October 18, 2018 Enterprise-grade ephemeral messaging provider Vaporstream knows firsthand that security needs to be built into the software development lifecycle rather than bolted on. Serving highly regulated industries such as federal government, energy, financial services and healthcare, Vaporstream’s leakproof communication platform provides the highest level of assurance that compliance professionals require. Vaporstream partners with NowSecure to test and certify its Android and iOS mobile messaging apps. This case study webinar covers how Vaporstream adheres to a rigorous secure app lifecycle in order to meet customer expectations for secure communications: + Designing a secure app architecture & development process + Incorporating security testing into the release cycle + Comprehensive penetration testing

DevOps + DataOps = Digital Transformation

Delphix

Why Your Approach To Data Governance Needs a Major Update

Delphix

Data is the fuel that powers today’s application-driven businesses. But efficiently governing this data is becoming harder as it grows in volume and proliferates across cloud and on-prem environments. Questions like “Where is my sensitive data located?,” “How do we protect it from breach?” and “How do I ensure the right people have access to it?” are becoming more difficult to answer.

arcadia_capella_considerations_for_sysml_v2-bonnet.pdf

xmumiao

Move and Secure Your Data

Delphix

Data Masking With The Delphix Dynamic Data Platform

Delphix

If you’re like most businesses, as much as 80% of sensitive data resides in environments used for development, testing, and reporting. In other words, the majority of your most valuable information exists in some your least secure environments. Discover how the Delphix Dynamic Data Platform addresses this problem head on, providing an integrated solution for identifying, masking, and delivering secure data.

The EU General Protection Regulation and how Oracle can help

Niklas Hjorthen

First step to an effective data privacy program

LeeDavis47

Standing Up an Effective Enterprise Data Hub -- Technology and Beyond

Cloudera, Inc.

Federal organizations increasingly are focused on creating environments that enable more data-driven decisions. Yet ensuring that all data is considered and is current, complete, and accurate is a tall order for most. To make data analytics meaningful to support real-world transformation, agency staff need business tools that provide user-friendly dashboards, on-demand reporting, and methods to manage efficiently the rise of voluminous and varied data sets and types commonly associated with big data. In most cases, existing systems are insufficient to support these requirements. Enter the enterprise data hub (EDH), a software architecture specifically designed to be a unified platform that can economically store unlimited data and enable diverse access to it at scale. Plan to attend this discussion to understand the key considerations to making an EDH the architectural center of your agency’s modern data strategy.

Abhaya Sumanasena - Real Wireless - Spectrum Options

techUK

Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...

techUK

Similar to Thales - LED and DP from a Vendor's Perspective

Hyperconverged: The Future of Data Centers Presentation

Sara Thomason

Alex Hanway, Director, Business Development, The Thales Group

Neo4j

Thales e-Security corporate presentation

Thales e-Security

GDPR Fast Start

Delphix

Scrum at Scale at THALES

Cesario Ramos

TLS State of the Union

Sander Temme

Agile Mumbai 2022 - Saikat Prabhakar | AI-driven TestOps : A Need or Necessit...

AgileNetwork

Is Your Hadoop Environment Secure?

Datameer

Oracle Netsuite - How Cloud Software Drives Innovation and Growth

Smith & Williamson

Culture shock? Academia vs industry

Jisc

Cloud payments (HCE): a simpler step with Thales HSMs

Thales e-Security

CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries

NowSecure

DevOps + DataOps = Digital Transformation

Delphix

Why Your Approach To Data Governance Needs a Major Update

Delphix

arcadia_capella_considerations_for_sysml_v2-bonnet.pdf

xmumiao

Move and Secure Your Data

Delphix

Data Masking With The Delphix Dynamic Data Platform

Delphix

The EU General Protection Regulation and how Oracle can help

Niklas Hjorthen

First step to an effective data privacy program

LeeDavis47

Standing Up an Effective Enterprise Data Hub -- Technology and Beyond

Cloudera, Inc.

Similar to Thales - LED and DP from a Vendor's Perspective (20)

Hyperconverged: The Future of Data Centers Presentation

Alex Hanway, Director, Business Development, The Thales Group

Thales e-Security corporate presentation

GDPR Fast Start

Scrum at Scale at THALES

TLS State of the Union

Agile Mumbai 2022 - Saikat Prabhakar | AI-driven TestOps : A Need or Necessit...

Is Your Hadoop Environment Secure?

Oracle Netsuite - How Cloud Software Drives Innovation and Growth

Culture shock? Academia vs industry

Cloud payments (HCE): a simpler step with Thales HSMs

CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries

DevOps + DataOps = Digital Transformation

Why Your Approach To Data Governance Needs a Major Update

arcadia_capella_considerations_for_sysml_v2-bonnet.pdf

Move and Secure Your Data

Data Masking With The Delphix Dynamic Data Platform

The EU General Protection Regulation and how Oracle can help

First step to an effective data privacy program

Standing Up an Effective Enterprise Data Hub -- Technology and Beyond

Recently uploaded

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Bits & Pixels using AI for Good.........

Alison B. Lowndes

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Recently uploaded (20)