How should we prepare for this new brave world where many 3rd party security providers disappeared into cloud providers? This will greatly impact many 3rd party security vendors, organizations and investors.
Cloud transformations are accelerating. By 2020, cloud will increase by 157% and on-premises ’traditional’ IT infrastructure will decrease by 54%, according to 452 Research, 2018.
We will cover how many security solutions will change, including:
- WAF – Web Application Firewalls
- SIEM
- Firewalls
- Encryption
- Tokenization
- Key Management
- AV – Anti Virus
- Network
- And more...
Securing Your Digital Files from Legal ThreatsAbbie Hosta
Get ready to learn some immensely powerful tips and management approaches designed to safeguard your digital files firm from today’s growing cyber threats. Dive into Worldox technology and how it helps clients ensure compliance with ABA rules and protect your documents. We’ll offer practical guidance and strategies for Worldox users, law firm administrators, and IT managers looking to secure their documents and protect their sensitive client, business and employee information.
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
Do you have a GDPR Roadmap?
- How to measure Cybersecurity Preparedness
- Oversight of Third Parties
- Related International Standards
- Killing Cloud Quickly?
Technology aspects:
- International/EU PII Customer Case Studies
- Available Data Protection Options
- How to Integrate Security into Application Development
- Security Metrics
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
IoT devices are proliferating throughout corporate networks raising concerns about security risks they may introduce. However, IoT technologies differ in many ways from most enterprise-ready technologies that currently exist. Understanding the risks that IoT represents and how to best quantify that risk can be a challenge for many security leaders. This webinar provides an overview of IoT architectures, how they differ from existing infrastructure devices, and how best to measure the risk IoT devices represent. It will expose attendees to concepts like Threat Modeling for IoT and provide additional references that will help build a successful IoT security assessment program.
Securing Your Digital Files from Legal ThreatsAbbie Hosta
Get ready to learn some immensely powerful tips and management approaches designed to safeguard your digital files firm from today’s growing cyber threats. Dive into Worldox technology and how it helps clients ensure compliance with ABA rules and protect your documents. We’ll offer practical guidance and strategies for Worldox users, law firm administrators, and IT managers looking to secure their documents and protect their sensitive client, business and employee information.
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
Do you have a GDPR Roadmap?
- How to measure Cybersecurity Preparedness
- Oversight of Third Parties
- Related International Standards
- Killing Cloud Quickly?
Technology aspects:
- International/EU PII Customer Case Studies
- Available Data Protection Options
- How to Integrate Security into Application Development
- Security Metrics
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
IoT devices are proliferating throughout corporate networks raising concerns about security risks they may introduce. However, IoT technologies differ in many ways from most enterprise-ready technologies that currently exist. Understanding the risks that IoT represents and how to best quantify that risk can be a challenge for many security leaders. This webinar provides an overview of IoT architectures, how they differ from existing infrastructure devices, and how best to measure the risk IoT devices represent. It will expose attendees to concepts like Threat Modeling for IoT and provide additional references that will help build a successful IoT security assessment program.
3 ways to secure your law firm’s information and reputationNikec Solutions
As competition within the legal environment intensifies, law firms are constantly looking for ways to differentiate their services.
While many consider their reputation as their greatest asset that took years to build, there are a few key elements that underpin this, one of which is security.
It is this robust security that can prevent issues such as data breaches which in turn will destroy your reputation at the snap of a finger.
It is not only the law firms who understand the need for data protection and security, clients and consumers are becoming much more savvy and are realising that they too, need to protect their own.
With newspapers filled with stories of hackers attacking large multinational companies and mobile devices with sensitive data being lost or stolen, security is fast becoming a top priority for most businesses today.
Here are 3 ways to secure your law firm’s
information and reputation
IoT security compliance framework is essential to ensure IoT security. Here is a complete iot security audit checklist for ensuring security of IoT Devices in real time. know more here : https://www.qwentic.com/blog/iot-security-compliance-checklist
Research presentation for IoT/M2M security
- Paper: Distributed Capability-based Access Control for the Internet of Things
- Security solution in open source IoT platform (OM2M, AllJoyn)
This presentation contains the contents pertaining to the undergraduate course on Cryptography and Network Security (UITC203) at Sri Ramakrishna Institute of Technology. This covers the motivation towards cryptography and network security and gives a basic insight into the attacks, services, and mechanisms described in the OSI security architecture, with reference to ITU-T X.800.
The lecture is available on Youtube in the following link: https://youtu.be/YT4GVjy7q3E
Privacy and Security in the Internet of ThingsJeff Katz
Jeff Katz from KIWI discusses topics relating to Privacy and Security in the Internet of Things. What you should do, what you should never do, and what to avoid becoming. From the IoT Conference September 2015 in Berlin
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
Internet Society (ISOC) aims are:
make security an integrated function of connected objects and encourages IoT device and service providers for consumers to adopt the Online Trust Alliance (OTA) security and privacy principles ;
increase the consumer demand for security and privacy in the IoT devices they purchase;
create government policies and regulations that promote better security and privacy features in IoT devices.
Cloud application development is accelerating and diversifying where many organizations have virtual machines, containers, and now serverless applications running in the cloud, transforming code into infrastructure. Microservices make a lot of sense for scale and development agility, but if everything is talking to everything else via APIs, it’s likely that there are many (and I mean many) application vulnerabilities. Additionally, API security is new, so processes are likely immature, and API security sits somewhere between application developers, DevOps, and cybersecurity, leading to organizational and skills challenges. We will organize this chaos from RSAC 2019 and discuss Security in the new API Ecosystem.
Security is morphing to a hybrid model for distributed policy enforcement across cloud-based environments. At the same time, organizations want central policy management for the whole environment. The network access model is changing, too, moving to a software-defined perimeter (SDP) and extending the Data Leakage Prevention (DLP) to better support requirements from new regulatory compliance requirements.
We will discuss:
1. “What Security People Should Talk About Instead”
2. “The Human Factor”
3. “Advancements in Machine Learning and AI”
4. “Security in App Development and The API Economy”
5. “News in Quantum Computing and Multiparty Computing”
6. “Trends in Innovation and Cloud Security”
7. “New Standards and Regulations”
We will also discuss:
1. How IT Audit can be automated to meet new requirements from for Agile Development and cloud.
2. How IT Audit can learn more about new controls and technologies.
3. How IT Audit can be involved early in the DevOps planning phase.
4. How Artificial Intelligence can be used in IT audits to expand beyond sampling.
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)Intergen
We ran the "Windows Accelerate IT Pro Bootcamp" one day hands-on workshop in early June 2014. These eight modules were designed to get IT managers, project managers, sysadmin and devops up to speed with the new Windows 8.1 and Office 2013. The bootcamp focused on how to move off earlier versions of Windows and Office to a modern desktop and tablet platforms with the latest security and mobility technologies.
Keep an eye in our SlideShare feed for all eight modules:
Windows Accelerate IT Pro Bootcamp: Introduction (Module 1 of 8)
Windows Accelerate IT Pro Bootcamp: Platform Delivery (Module 2 of 8)
Windows Accelerate IT Pro Bootcamp: Windows ToGo (Module 3 of 8)
Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)
Windows Accelerate IT Pro Bootcamp: UE-V (Module 5 of 8)
Windows Accelerate IT Pro Bootcamp: App-V (Module 6 of 8)
Windows Accelerate IT Pro Bootcamp: Devices (Module 7 of 8)
Windows Accelerate IT Pro Bootcamp: Closing (Module 8 of 8)
For other events (Intergen or Microsoft Community) check our events page at http://www.intergen.co.nz/upcoming-events/
Emerging application and data protection for multi cloudUlf Mattsson
Emerging Application and Data Protection for Multi-Cloud
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data - how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers. The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value. This session will discuss Emerging Application and Data Protection for Multi-cloud and review Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation.
Emerging application and data protection for multi cloudUlf Mattsson
With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
Join this webinar to learn more about:
- Data Protection solutions for the enterprise
- Trends in Data Masking, Tokenization and Encryption
- New Data Protection Standards from ISO and NIST
- The new API Economy and how to control access to sensitive data — both on-premises, and in public and private clouds
- The llatest developments in IAM technologies and authentication
3 ways to secure your law firm’s information and reputationNikec Solutions
As competition within the legal environment intensifies, law firms are constantly looking for ways to differentiate their services.
While many consider their reputation as their greatest asset that took years to build, there are a few key elements that underpin this, one of which is security.
It is this robust security that can prevent issues such as data breaches which in turn will destroy your reputation at the snap of a finger.
It is not only the law firms who understand the need for data protection and security, clients and consumers are becoming much more savvy and are realising that they too, need to protect their own.
With newspapers filled with stories of hackers attacking large multinational companies and mobile devices with sensitive data being lost or stolen, security is fast becoming a top priority for most businesses today.
Here are 3 ways to secure your law firm’s
information and reputation
IoT security compliance framework is essential to ensure IoT security. Here is a complete iot security audit checklist for ensuring security of IoT Devices in real time. know more here : https://www.qwentic.com/blog/iot-security-compliance-checklist
Research presentation for IoT/M2M security
- Paper: Distributed Capability-based Access Control for the Internet of Things
- Security solution in open source IoT platform (OM2M, AllJoyn)
This presentation contains the contents pertaining to the undergraduate course on Cryptography and Network Security (UITC203) at Sri Ramakrishna Institute of Technology. This covers the motivation towards cryptography and network security and gives a basic insight into the attacks, services, and mechanisms described in the OSI security architecture, with reference to ITU-T X.800.
The lecture is available on Youtube in the following link: https://youtu.be/YT4GVjy7q3E
Privacy and Security in the Internet of ThingsJeff Katz
Jeff Katz from KIWI discusses topics relating to Privacy and Security in the Internet of Things. What you should do, what you should never do, and what to avoid becoming. From the IoT Conference September 2015 in Berlin
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
Internet Society (ISOC) aims are:
make security an integrated function of connected objects and encourages IoT device and service providers for consumers to adopt the Online Trust Alliance (OTA) security and privacy principles ;
increase the consumer demand for security and privacy in the IoT devices they purchase;
create government policies and regulations that promote better security and privacy features in IoT devices.
Cloud application development is accelerating and diversifying where many organizations have virtual machines, containers, and now serverless applications running in the cloud, transforming code into infrastructure. Microservices make a lot of sense for scale and development agility, but if everything is talking to everything else via APIs, it’s likely that there are many (and I mean many) application vulnerabilities. Additionally, API security is new, so processes are likely immature, and API security sits somewhere between application developers, DevOps, and cybersecurity, leading to organizational and skills challenges. We will organize this chaos from RSAC 2019 and discuss Security in the new API Ecosystem.
Security is morphing to a hybrid model for distributed policy enforcement across cloud-based environments. At the same time, organizations want central policy management for the whole environment. The network access model is changing, too, moving to a software-defined perimeter (SDP) and extending the Data Leakage Prevention (DLP) to better support requirements from new regulatory compliance requirements.
We will discuss:
1. “What Security People Should Talk About Instead”
2. “The Human Factor”
3. “Advancements in Machine Learning and AI”
4. “Security in App Development and The API Economy”
5. “News in Quantum Computing and Multiparty Computing”
6. “Trends in Innovation and Cloud Security”
7. “New Standards and Regulations”
We will also discuss:
1. How IT Audit can be automated to meet new requirements from for Agile Development and cloud.
2. How IT Audit can learn more about new controls and technologies.
3. How IT Audit can be involved early in the DevOps planning phase.
4. How Artificial Intelligence can be used in IT audits to expand beyond sampling.
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)Intergen
We ran the "Windows Accelerate IT Pro Bootcamp" one day hands-on workshop in early June 2014. These eight modules were designed to get IT managers, project managers, sysadmin and devops up to speed with the new Windows 8.1 and Office 2013. The bootcamp focused on how to move off earlier versions of Windows and Office to a modern desktop and tablet platforms with the latest security and mobility technologies.
Keep an eye in our SlideShare feed for all eight modules:
Windows Accelerate IT Pro Bootcamp: Introduction (Module 1 of 8)
Windows Accelerate IT Pro Bootcamp: Platform Delivery (Module 2 of 8)
Windows Accelerate IT Pro Bootcamp: Windows ToGo (Module 3 of 8)
Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)
Windows Accelerate IT Pro Bootcamp: UE-V (Module 5 of 8)
Windows Accelerate IT Pro Bootcamp: App-V (Module 6 of 8)
Windows Accelerate IT Pro Bootcamp: Devices (Module 7 of 8)
Windows Accelerate IT Pro Bootcamp: Closing (Module 8 of 8)
For other events (Intergen or Microsoft Community) check our events page at http://www.intergen.co.nz/upcoming-events/
Emerging application and data protection for multi cloudUlf Mattsson
Emerging Application and Data Protection for Multi-Cloud
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data - how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers. The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value. This session will discuss Emerging Application and Data Protection for Multi-cloud and review Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation.
Emerging application and data protection for multi cloudUlf Mattsson
With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.
Join this webinar to learn more about:
- Data Protection solutions for the enterprise
- Trends in Data Masking, Tokenization and Encryption
- New Data Protection Standards from ISO and NIST
- The new API Economy and how to control access to sensitive data — both on-premises, and in public and private clouds
- The llatest developments in IAM technologies and authentication
Practical risk management for the multi cloudUlf Mattsson
This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.
We will review the JP Morgan Chase data breach were hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks as Capital One that recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.
Viewers will also learn about:
- Macro trends in Cloud security and Micro trends in Cloud security
- Risks from Quantum Computing and when we should move to alternate forms of encryption
- Review “Kill Chains” from Lockhead Martin in relation to APT and DDoS Attacks
- Risk Management methods from ISACA and other organizations
Speaker: Ulf Mattsson, Head of Innovation, TokenEx
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
The rapid rise of cloud data storage and applications has led to unease among adopters over the security of their data. Whether it is data stored in a public, private or hybrid cloud, or used in third party SaaS applications, companies have good reason to be concerned.
In this session Protegrity CTO and data security thought leader Ulf Mattsson will focus on practical advice on what to look for in cloud service providers and a review of the technologies and architectures available to protect sensitive data in the cloud, both on- and off-site. Through real life use cases, Ulf will discuss solutions to some of the most common issues of data governance, usability, compliance and security in the cloud environment.
Title: What I Learned at Gartner Summit 2019
Abstract:
The Gartner Summit 2019 agenda featured five comprehensive programs to cover your security and risk management key priorities and challenges. Digital transformation continues to challenge the conventions of information risk and security management. It requires a coherent digital security program based on a clear vision and strategy. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level.
The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value.
Gartner includes data ethics and privacy on their list of the top 10 strategic technology trends of 2019, placing it on the same level as AI-driven development, blockchain, and edge computing. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data.
The cloud, SaaS applications, and user mobility are powerful enablers of digital transformation, but many IT organizations are grappling with legacy network and security architectures that haven't evolved in decades. In the era of Cloud 3.0, companies are re-imagining business processes from and for the cloud. With these new opportunities comes a new cybersecurity reality for IT leaders in a hybrid, multicloud world. At a minimum, cloud computing breaks into 3 primary layers: SaaS, PaaS and IaaS.
This presentation will explain primary security controls. You’ll learn how to take a strategic approach to risk, improve business and data resilience, build digital trust and implement a new generation of continuously adaptive security strategies. Cloud security remains a top priority. This presentation summarizes the problems, recommended processes, and new product types to address key issues.
ISSA Atlanta - Emerging application and data protection for multi cloudUlf Mattsson
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data — how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers.
The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value.
This session will discuss Emerging Application and Data Protection for Multi-cloud and review Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation.
• Learn New Application and Data Protection Strategies
• Learn Advancements in Machine Learning
• Learn how to develop a roadmap for EU GDPR compliance
• Learn Data-centric Security for Digital Business
• Learn Where Data Security and Value of Data Meet in the Cloud
• Learn Data Protection On-premises, and in Public and Private Clouds
• Learn about Emerging Application and Data Protection for Multi-cloud
• Learn about Emerging Data Privacy and Security for Cloud
• Learn about New Enterprise Application and Data Security Challenges
• Learn about Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation
Security and privacy of cloud data: what you need to know (Interop)Druva
Is your company thinking about the cloud or already in there but learning fast about the many challenges of the security and privacy of cloud data?
Learn more about the landscape of data in the cloud, and the obstacles that every company should consider when it comes to protecting their down.
Unlock the potential of data security 2020Ulf Mattsson
Explore challenges of managing and protecting data. We'll share best practices on establishing the right balance between privacy, security, and compliance
Expand Your Control of Access to IBM i Systems and DataPrecisely
Controlling all the ways your company’s data is being accessed, especially given the proliferation of open source software and other non-traditional data-access methods, is critical to ensuring security and regulatory compliance. This webinar reviews the different ways your data can be accessed, discusses how exit points work and how they can be managed, and why a global data access control strategy is especially important to efficiently protect sensitive data against unwanted access.
Topics include:
• IBM i access methods and risks
• Using exit programs to block traditional and modern access methods
• Real life examples and perspectives
Controlling Access to IBM i Systems and DataPrecisely
Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches.
View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover:
• Securing network access and communication ports
• How database access via open-source protocols can be secured
• Taking control of command execution
Information Security Management. Security solutions copyyuliana_mar
Information Security Management. Introduction.
By Yuliana Martirosyan,
Based on Bell G. Reggard, Information Security Management. Concepts and Practices.
Emerging Data Privacy and Security for CloudUlf Mattsson
Title "Emerging Data Privacy and Security for Cloud"
Abstract:
Personal data privacy will be the most prominent issue affecting how businesses gather, store, process, and disclose data in public cloud. Gartner includes data ethics and privacy on their list of the top 10 strategic technology trends of 2019, placing it on the same level as AI-driven development, blockchain, and edge computing. Businesses have been inundated with information on what recent privacy laws like GDPR and CCPA require, but many are still trying to figure out how to comply with them on a practical level. Many companies are focusing on data privacy from the legal and security side, which are foundational, but are missing the focus on data. The good news is that these data privacy regulations compel businesses to get a handle on personal data — how they get it, where they get it from, which systems process it, where it goes internally and externally, etc. In other words, the new norms of data privacy require proactive data management, which enables organizations to extract real business value from their data, improve the customer experience, streamline internal processes, and better understand their customers.
Companies continue to transition to more costefficient cloud-based solutions, their email and other valuable data migrate along with them. The new Verizon Data Breach Investigations Report (DBIR) provides perspectives on how Criminals simply shift their focus and adapt their tactics to locate and steal the data they find to be of most value.
Differential privacy, Tokenization, Homomorphic encryption, and Privacy-preserving computation are often discussed in the context of identifying individuals whose information may be in a database. Secure multi-party computation (also known as secure computation, multi-party computation (MPC), or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private.
We will discuss how these emerging data privacy technologies can limit the privacy impact on individuals whose information is in a database. Let’s break down the differences and see where these techniques fit best in an organization’s security and privacy strategy and align with privacy law requirements.
You will learn
- The latest trends and strategies for securing sensitive data in cloud and the enterprise
- How to discover and capture your data inventory
- What’s needed to prevent a data breach by securing your critical data and protect your reputation
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Precisely
The continuous news of personal information stolen from major retailers and financial institutions have driven consumers and regulatory bodies to demand that more action be taken to ensure data protection and privacy. Regulations such as PCI DSS, HIPAA, GDPR, and FISMA require that personal data be protected against unauthorized access using technologies like encryption, tokenization, masking, secure file transfer and more.
With all the options available for securing IBM i data at rest and in motion, how do you know where to begin?
Register to get up to speed on the key concepts you need to know about assuring data privacy for your customers, business partners and employees.
Topics will include:
- Protecting data with encryption and the need for strong key management
- Use Cases that are best for tokenization
- Options for permanently deidentifying data
- Securing data in motion across networks
Similar to The day when 3rd party security providers disappear into cloud bright talk sep 19 2019 g (20)
Jun 29 new privacy technologies for unicode and international data standards ...Ulf Mattsson
Protecting the increasing use International Unicode characters is required by a growing number of Privacy Laws in many countries and general Privacy Concerns with private data. Current approaches to protect International Unicode characters will increase the size and change the data formats. This will break many applications and slow down business operations. The current approach is also randomly returning data in new and unexpected languages. New approach with significantly higher performance and a memory footprint can be customizable and fit on small IoT devices.
We will discuss new approaches to achieve portability, security, performance, small memory footprint and language preservation for privacy protecting of Unicode data. These new approaches provide granular protection for all Unicode languages and customizable alphabets and byte length preserving protection of privacy protected characters.
Old Approaches
Major Issues
Protecting the increasing use International Unicode characters is required by a growing number of Privacy Laws in many countries and general Privacy Concerns with private data.
Old approaches to protect International Unicode characters will typically increase the size and change the data formats.
This will break many applications and slow down business operations. This is an example of an old approach that is also randomly returning data in new and unexpected languages
Book about
Quantum Computing Blockchain Reversable Protection Privacy by Design, Applications and APIs Privacy, Risks, and Threats Machine Learning and Analytics Non-Reversable Protection International Unicode Secure Multi-party Computing Computing on Encrypted Data Internet of Things II. Data Confidentiality and Integrity Standards and Regulations IV. Applications VI. Summary Best Practices, Roadmap, and Vision Trends, Innovation, and Evolution Hybrid Cloud , CASB and SASE Appendix A B C D E I. Introduction and Vision Section Access Control Zero Trust Architecture Trusted Execution Environments III. Users and Authorization Governance, Guidance, and Frameworks V. Platforms Data User App Innovation 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Chapter Discovery and Search Glossary
qubit-conference-new-york-2021: https://nyc.qubitconference.com/
Cybersecurity: Get ready for the unpredictable
Create a sound cybersecurity strategy based on the right technology & budgetary insights, proven practices, and processes for SMEs.
This virtual event will equip CxOs and cybersecurity teams with the right intel to create a sound cybersecurity strategy based on the right technology & budgetary insights, proven practices, and processes specially tailored for SMEs.
Find out how to bring the smart design of cybersecurity architecture and processes, what to automate & how to properly set up internal and external ownership.
The proven cybersecurity strategy fit for your environment can go a long way. Know what to do in-house, what to outsource, set up your budgets right, and get help from the right cybersecurity specialists.
Secure analytics and machine learning in cloud use casesUlf Mattsson
Table of Contents:
Secure Analytics and Machine Learning in Cloud ......................................................................................... 2
Use case #1 in Financial Industry .............................................................................................................. 2
Data Flow .............................................................................................................................................. 2
The approach can be used for other Use-cases .................................................................................... 2
Homomorphic Encryption for Secure Machine Learning in Cloud ............................................................... 3
Evolving Homomorphic Encryption .......................................................................................................... 3
Performance Examples – HE, RSA and AES ........................................................................................... 3
Performance Examples – FHE, NTRU, ECC, RSA and AES ...................................................................... 3
Some popular HE schemes .................................................................................................................... 4
Examples of HE Libraries used by IBM, Duality, and Microsoft ............................................................ 4
Fast Homomorphic Encryption for Secure Analytics in Cloud ...................................................................... 4
Use case #2 in Health Care ........................................................................................................................ 5
Provable security for untrusted environments ..................................................................................... 5
Comparison to multiparty computation and trusted execution environments ................................... 5
Time and memory requirements of HE ................................................................................................ 5
Managing Data Security in Hybrid Cloud ...................................................................................................... 8
Data Security Policy and Zero Trust Architecture ..................................................................................... 8
The future of encryption will change in the Post-Quantum Era: .............................................................. 8
Managing Data Security in a Hybrid World ................................................................................................... 9
Evolving Privacy Regulations ....................................................................................................................... 10
New Ruling in GDPR under "Schrems II" ................................................................................................. 10
The new California Privacy Rights Act (CPRA)
Evolving international privacy regulations and cross border data transfer - g...Ulf Mattsson
We will discuss the Evolving International Privacy Regulations. Cross Border Data Transfer for GDPR under Schrems II is now ruled by an EU court that defined what is required. This ruling can be far reaching for many businesses.
Data encryption and tokenization for international unicodeUlf Mattsson
Unicode is an information technology standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems. The standard is maintained by the Unicode Consortium, and as of March 2020, it has a total of 143,859 characters, with Unicode 13.0 (these characters consist of 143,696 graphic characters and 163 format characters) covering 154 modern and historic scripts, as well as multiple symbol sets and emoji. The character repertoire of the Unicode Standard is synchronized with ISO/IEC 10646, each being code-for-code identical with the other.
The Unicode Standard consists of a set of code charts for visual reference, an encoding method and set of standard character encodings, a set of reference data files, and a number of related items, such as character properties, rules for normalization, decomposition, collation, rendering, and bidirectional text display order (for the correct display of text containing both right-to-left scripts, such as Arabic and Hebrew, and left-to-right scripts). Unicode's success at unifying character sets has led to its widespread and predominant use in the internationalization and localization of computer software. The standard has been implemented in many recent technologies, including modern operating systems, XML, Java (and other programming languages), and the .NET Framework.
Unicode can be implemented by different character encodings. The Unicode standard defines Unicode Transformation Formats (UTF) UTF-8, UTF-16, and UTF-32, and several other encodings. The most commonly used encodings are UTF-8, UTF-16, and UCS-2 (a precursor of UTF-16 without full support for Unicode)
The future of data security and blockchainUlf Mattsson
Discussion of Post-Quantum Cryptography and other technologies:
Data Security Techniques
Secure Multi-Party Computation (SMPC)
Homomorphic encryption (HE)
Differential Privacy (DP) and K-Anonymity
Pseudonymization and Anonymization
Synthetic Data
Zero trust architecture (ZTA)
Zero-knowledge proofs (ZKP)
Private Set Intersection (PSI)
Trusted execution environments (TEE)
Post-Quantum Cryptography
Blockchain
Regulations and Standards in Data Privacy
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
Privacy preserving computing and secure multi-party computation ISACA AtlantaUlf Mattsson
A major challenge that many organizations faces, is how to address data privacy regulations such as CCPA, GDPR and other emerging regulations around the world, including data residency controls as well as enable data sharing in a secure and private fashion. We will present solutions that can reduce and remove the legal, risk and compliance processes normally associated with data sharing projects by allowing organizations to collaborate across divisions, with other organizations and across jurisdictions where data cannot be relocated or shared.
We will discuss secure multi-party computation where organizations want to securely share sensitive data without revealing their private inputs. We will review solutions that are driving faster time to insight by the use of different techniques for privacy-preserving computing including homomorphic encryption, k-anonymity and differential privacy. We will present best practices and how to control privacy and security throughout the data life cycle. We will also review industry standards, implementations, policy management and case studies for hybrid cloud and on-premises.
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
Digital Transformation and the opportunities to use data in Analytics and Machine Learning are growing exponentially, but so too are the business and financial risks in Data Privacy. The increasing number of privacy incidents and data breaches are destroying brands and customer trust, and we will discuss how business prioritization can be benefit from a finance-based data risk assessment (FinDRA).
More than 60 countries have introduced privacy laws and by 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations. We will discuss use cases in financial services that are finding a balance between new technology impact, regulatory compliance, and commercial business opportunity. Several privacy-preserving and privacy-enhanced techniques can provide practical security for data in use and data sharing, but none universally cover all use cases. We will discuss what tools can we use mitigate business risks caused by security threats, data residency and privacy issues. We will discuss how technologies like pseudonymization, anonymization, tokenization, encryption, masking and privacy preservation in analytics and business intelligence are used in Analytics and Machine Learning.
Organizations are increasingly concerned about data security in processing personal information in external environments, such as the cloud; and information sharing. Data is spreading across hybrid IT infrastructure on-premises and multi-cloud services and we will discuss how to enforce consistent and holistic data security and privacy policies. Increasing numbers of data security, privacy and identity access management products are in use, but they do not integrate, do not share common policies, and we will discuss use cases in financial services of different techniques to protect and manage data security and privacy.
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
ISACA London Chapter webinar, Feb 16th 2021
Topic: “Protecting Data Privacy in Analytics and Machine Learning”
Abstract:
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there’s many different activities that we need to think about.
This session also discusses international standards and emerging privacy-enhanced computation techniques, secure multiparty computation, zero trust, cloud and trusted execution environments. We will discuss the “why, what, and how” of techniques for privacy preserving computing.
We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs.
Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.
The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.
Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle
What is tokenization in blockchain - BCS LondonUlf Mattsson
BCS North London Branch in association with Central London Branch webinar (by GoToWebinar) Date: 2nd December 2020 Time: 18.00 to 19.30 Event title: Blockchain tokenization “What is tokenization in Blockchain?”
Agenda
Blockchain
What is Blockchain?
Use cases, trends and risks
Vendors and platforms
Data protection techniques and scalability
Tokenization
Digital business
Convert a digital value into a digital token
Local and central models
Cloud
Tokenization in Hybrid cloud
Protecting data privacy in analytics and machine learning - ISACAUlf Mattsson
In this session, we will discuss a range of new emerging technologies for privacy and confidentiality in machine learning and data analytics. We will discuss how to put these technologies to work for databases and other data sources.
When we think about developing AI responsibly, there’s many different activities that we need to think about.
This session also discusses international standards and emerging privacy-enhanced computation techniques, secure multiparty computation, zero trust, cloud and trusted execution environments. We will discuss the “why, what, and how” of techniques for privacy preserving computing.
We will review how different industries are taking opportunity of these privacy preserving techniques. A retail company used secure multi-party computation to be able to respect user privacy and specific regulations and allow the retailer to gain insights while protecting the organization’s IP. Secure data-sharing is used by a healthcare organization to protect the privacy of individuals and they also store and search on encrypted medical data in cloud.
We will also review the benefits of secure data-sharing for financial institutions including a large bank that wanted to broaden access to its data lake without compromising data privacy but preserving the data’s analytical quality for machine learning purposes.
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2bUlf Mattsson
Blockchain
- What is Blockchain?
- Blockchain trends
Emerging data protection techniques
- Secure multiparty computation
- Trusted execution environments
- Use cases for analytics
- Industry Standards
Tokenization
- Convert a digital value into a digital token
- Tokenization local or in a centralized model
- Tokenization and scalability
Cloud
- Analytics in Hybrid cloud
Tokenization on Blockchain is a steady trend. It seems that everything is being tokenized on Blockchain from paintings, diamonds and company stocks to real estate. Thus, we took an asset, tokenized it and created its digital representation that lives on Blockchain. Blockchain guarantees that the ownership information is immutable.
Unfortunately, some problems need to be solved before we can successfully tokenize real-world assets on Blockchain. Main problem stems from the fact that so far, no country has a solid regulation for cryptocurrency. For example, what happens if a company that handles tokenization sells the property? They have no legal rights on the property and thus are not protected by the law. Another problem is that this system brings us back some sort of centralization. The whole idea of Blockchain and especially smart contracts is to create a trustless environment.
Tokenization is a method that converts a digital value into a digital token. Tokenization can be used as a method that converts rights to an asset into a digital token.
The tokenization system can be implemented local to the data that is tokenized or in a centralized model. We will discuss tokenization implementations that can provide scalability across hybrid cloud models. This session will position different data protection techniques, use cases for blockchain, and protecting blockchain.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
The day when 3rd party security providers disappear into cloud bright talk sep 19 2019 g
1. 1
The Day When 3rd Party
Security Providers Disappear
into Cloud
Ulf Mattsson TokenEx
stuffyoushouldknow
2. 2
• Head of Innovation at TokenEx
• Chief Technology Officer at Protegrity
• Chief Technology Officer at Atlantic BT Security Solutions
• Chief Technology Officer at Compliance Engineering
• Developer at IBM Research and Development
• Inventor of 70+ issued US patents
• Providing products and services for Data Encryption and
Tokenization, Data Discovery, Cloud Application Security Broker,
Web Application Firewall, Managed Security Services, Security
Operation Center, and Bench-marking/Gap-analysis.
Ulf Mattsson
3. 3
• Verizon Data Breach Investigations Report
• Enterprises are losing ground in the fight against persistent
cyber-attacks
• We simply cannot catch the bad guys until it is too late. This
picture is not improving
• Verizon reports concluded that less than 14% of breaches are
detected by internal monitoring tools
• JP Morgan Chase data breach
• Hackers were in the bank’s network for months undetected
• Network configuration errors are inevitable, even at the larges
banks
• Capital One data breach
• A hacker gained access to 100 million credit card applications
and accounts
• Amazon Web Services, the cloud hosting company that Capital
One was using
Enterprises Losing Ground Against Cyber-attacks
10. 10
The Day When 3rd Party Security Providers
Disappear into Cloud
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Public Cloud / Multi-
cloud
Example pricing:
10 % of on-premises alternatives
On-premises
11. 11
Security monitoring and operations
Monitor for malicious activity, handle security incidents, and support
operational processes that prevent, detect, and respond to threats.
•Cloud Security Command Center
•Security center - G Suite
•Alert center - G Suite
•Data regions - G Suite
•Access Transparency
•Access Transparency - G Suite
•Event Threat Detection
•Cloud Audit Logs
Infrastructure security
Rely on a secure-by-design infrastructure with hardening,
configuration management, and patch and vulnerability
management.
•Cloud Infrastructure Security Overview
•Container Security Overview
•Shielded VMs
•Binary Authorization
Network security
Help secure the network with products that define and enforce your
perimeter and allow for network segmentation, remote access, and
DoS defense.
•Virtual Private Cloud
•Cloud Load Balancing
•Encryption in transit
•Application Layer Transport Security
•Cloud Armor
Endpoint security
Help secure endpoints and prevent compromise with device hardening,
device management, and patch and vulnerability management.
•Chromebooks
•Chrome OS
•Chrome Browser
•G Suite Device Management
•Safe Browsing
Data security
Make sensitive data more secure with data discovery, controls to
prevent loss, leakage, and exfiltration, and data governance.
•Encryption at Rest
•Cloud KMS
•Cloud Data Loss Prevention
•G Suite Data Loss Prevention - Gmail
•G Suite Data Loss Prevention - Drive
•G Suite Information Rights Controls
•Cloud HSM
•VPC Service Controls
•G Suite enhance phishing and malware protection
•G Suite third-party application access controls
•G Suite security sandbox
Identity and access management
Manage and secure employee, partner, customer, and other identities,
and their access to apps and data, both in the cloud and on-premises.
•Cloud Identity
•Identity Platform
•Cloud IAM
•Policy Intelligence
•Cloud Resource Manager
•Cloud Identity-Aware Proxy
•Context-aware access
•Managed Service for Microsoft Active Directory
•Security key enforcement
•Titan Security Key
Application security
Protect and manage your business applications with application
testing, scanning, and API security features.
•Cloud Security Scanner
•Apigee
User protection services
Keep your users safe on the web.
•Phishing Protection
•ReCAPTCHA Enterprise
•Web Risk API
16. 16
Public Cloud / Multi-
cloud
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities:
• User Identity Management
• Application Security
• Data Security
X
17. 17
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity Management
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Security inside
the application,
container
security, …
18. 18
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
• User Identity Management
• Application Security
• Data Security
X
Emerging
Industry
Standards
Public Cloud / Multi-
cloud
19. 19
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Data Tokenization
Secure
Cloud
Security
Separation
Armor.com
20. 20
Cloud Access Security
Broker
(CASB)
Administrator
Data Security for including encryption, tokenization or
masking of fields or files (at transit and rest)
Remote
User
Internal
User
Cloud
Encryption
Gateway
(CASB)
Secure
Cloud
Security Separation
Armor.co
m
21. 21
• WAF
• SIEM
• Firewall
• Encryption
• Tokenization
• Key Management
• AV – Anti Virus
• Network Sec
Remaining User
Responsibilities
1. User Identity Management
2. Application Security
3. Data Security
X
Public Cloud / Multi-
cloud
Data Tokenization / encryption
Secure
Cloud
Security Separation
Armor.co
m
Data Protection for Multi-cloud
37. 37
Encryption and Privacy Models
• Privacy enhancing data de-identification terminology and
classification of techniques (ISO)
Source: INTERNATIONAL STANDARD ISO/IEC 20889
Encrypted data
has the same
format
Server model Local model
Differential
Privacy (DP)
Formal privacy measurement models
(PMM)
De-identification techniques
(DT)
Cryptographic tools
(CT)
Format
Preserving
Encryption (FPE)
Homomorphic
Encryption
(HE)
Two values
encrypted can
be combined*
K-anonymity
model
Responses to queries
are only able to be
obtained through a
software component
or “middleware”,
known as the
“curator**”
The entity
receiving the
data is looking
to reduce risk
Ensures that for
each identifier there
is a corresponding
equivalence class
containing at least K
records
*: Multi Party Computation (MPC)
**: Example Apple and Google
38. 38
Encryption and Privacy Models
Source: INTERNATIONAL STANDARD
ISO/IEC 20889
Homomorphic Encryption (HE)
*: Multi Party Computation (MPC)
Oper
(Enc_D1,
Enc_D2)
HE
Dec
HE
Enc
HE
Enc
Clear
12
Protected Key
Clear
D2
Enc
D1
Enc
D2
“Untrusted
Party*”
• Format Preserving Encryption (FPE), Homomorphic Encryption (HE) and
Multi Party Computation (MPC)
Clear
123
Format Preserving Encryption
(FPE)
FPE
Enc
Clear
D1
FPE
Dec
Clear
123
Protected Keys
897
39. 39
Encryption and Privacy Models
ISSA International 39
Source: INTERNATIONAL STANDARD ISO/IEC 20889
Differential Privacy
(DP)
k-Anonymity
Model
__
__
__
*: Example Apple and Google
Clear
Protected
Curator*
Filter
Clear
Cleanser
Filter
Cleanser
Filter
Clear
__
__
__
Protected
DB DB
• Differential Privacy (Google, Apple) and k-Anonymity Model
40. 40
EU General Data Protection Regulation (GDPR)
• What is Personal Data according to GDPR?
Article 4 – Definitions
• (1) ‘personal data’ means any
information relating to an identified
or identifiable natural person
• (5) ‘pseudonymisation’ means the
processing personal data in such
a manner that the data can no
longer be attributed to a specific
data subject
41. 41
GDPR Fines
• When French regulators cited Europe's fledgling General Data Protection Act in fining
Google $57 million earlier this year for playing fast and loose with consumer data in
personalizing ads, experts called what was then the biggest fine issued under the new
law the "tip of the iceberg.“
• The U.K.'s Information Commissioner's Office (ICO) on July 8 cited GDPR in announcing
it would seek a $230 million fine against British Airways (equal to 1.5 percent of the
company's annual revenue) for a September 2018 breach in which attackers accessed
the protected data of nearly 500,000 customers through the airline's website and mobile
applications.
• The ICO alleged that ineffective security practices were to blame.
• ICO added Marriott to the list, saying it intends to seek nearly $124 million from
Marriott (or 3 percent of its annual revenue) for a breach that saw hackers maintain
access to the Starwood guest reservation database between 2014 and 2018,
compromising 383 million customer records.
Source: rsaconference.com
45. 45
Example of Cross Border Data-centric Security
Data sources
Data
Warehouse
In Italy
Complete policy-enforced de-
identification of sensitive data
across all bank entities
46. 46
What is the difference?
• Encryption - A data security measure using mathematic algorithms to generate rule-based values in place of original data
• Tokenization - A data security measure using mathematic algorithms to generate randomized values in place of original data
Tokens are versatile
• Format-preserving tokens can be utilized where masked information is required
Encryption vs Tokenization
47. 47
Examples of Protected Data
Field Real Data Tokenized / Pseudonymized
Name Joe Smith csu wusoj
Address 100 Main Street, Pleasantville, CA 476 srta coetse, cysieondusbak, CA
Date of Birth 12/25/1966 01/02/1966
Telephone 760-278-3389 760-389-2289
E-Mail Address joe.smith@surferdude.org eoe.nwuer@beusorpdqo.org
SSN 076-39-2778 076-28-3390
CC Number 3678 2289 3907 3378 3846 2290 3371 3378
Business URL www.surferdude.com www.sheyinctao.com
Fingerprint Encrypted
Photo Encrypted
X-Ray Encrypted
Healthcare /
Financial Services
Dr. visits, prescriptions, hospital stays and
discharges, clinical, billing, etc.
Financial Services Consumer Products and
activities
Protection methods can be equally applied to
the actual data, but not needed with de-
identification
50. 50
Type of
Data
Use
Case
I
Structured
How Should I Secure Different Types of Data?
I
Un-structured
Simple –
Complex –
PCI
PHI
PII
Encryption
of Files
Card
Holder
Data
Tokenization
of Fields
Protected
Health
Information
Personally Identifiable Information
51. 51
A PCI SAQ A contains 22 controls compared to more than 300 for the full PCI DSS
• Use a hosted iFrame or payments page provided by a validated service provider to capture and tokenize CHD
• Do not transmit, process or store CHD via any other acceptance channel and utilize payment services of
tokenization provider to process transactions
Minimize Cost of PCI Tokenization
55. 55
#3 Self-Sovereign Identity (SSI)
YOU
CONNECTION
PEER
DISTRIBUTED LEDGER (BLOCKCHAIN)
Source: Sovrin.org
The Sovrin Network is the first public-permissioned blockchain designed as a global public utility exclusively to
support self-sovereign identity and verifiable claims. Recent advancements in blockchain technology now allow
every public key to have its own address, which is called a decentralized identifier (DID).
56. 56
#3 Self-Sovereign Identity (SSI)
PEER
DISTRIBUTED LEDGER (BLOCKCHAIN)
DIGITAL
WALLET
CONNECTION
GET CREDENTIAL
SHOW CREDENTIAL
1 DIDs
2 DKMS
3 DID AUTH
4
Verifiable
Credentials
Source: Sovrin.org