Cyber Defense eMagazine August Edition for 2021

More documents

Recommendations

Info

— which include homomorphic encryption, secure multiparty computation, and trusted execution environments, among others — allow businesses to responsibly monetize existing data assets by respecting the privacy of both the customers using the monetization service and the data itself. It is critical that data owners consider both of these components, the data and participants, or the risks associated with monetization may outweigh the benefits. At the core of any effective monetization strategy is the holistic security and governance of the data itself. Some organizations are working to address this issue by adopting a data-centric approach to security, focusing on the security of the data rather than just the networks, servers, and applications it resides on. The goal of this holistic approach is to protect data wherever it is within an organization, whether at rest on the file system, moving through the network, or while it’s actually being used or processed, as represented in the Data Security Triad. If there is data of value at stake, it must be protected at all times. While Data at Rest and Data in Transit are commonly protected using standard data and transport encryption, the Data in Use segment is frequently overlooked by many organizations. Protecting data while it's being used is especially of critical importance when it comes to leveraging data for monetization purposes. PETs solutions are uniquely positioned to address these Data in Use vulnerabilities because they can allow sensitive or regulated data to be securely processed and in a privacy-preserving manner without the risk of exposure. With PETs, organizations can analyze, use, and provide access to data assets in ways that may have previously been determined to be too risky, especially if that data is to be shared with a third party. PETs can also serve to protect the users of data monetization platforms by protecting their interests and intents. For competitive reasons, organizations generally want to avoid revealing their specific interests in a third-party dataset, even to the data owner. PETs allow these users to perform encrypted queries and analysis, ensuring the content of their interaction with the data is never exposed beyond their walls. For data owners, this expands the range of potential targets and ensures that users never introduce sensitive or regulated content, such as those they may be included in the query itself, into their environment. Another significant barrier to monetizing existing data assets has been the need to combine or move data assets to a central or even third-party location. There are a number of issues with such an approach, only some of which involve data privacy. But homomorphic encryption, a pillar of the PETs category, can overcome this challenge by enabling a decentralized framework for secure data sharing and monetization. When designed to work as a proxy layer, the technology can also allow organizations to integrate with existing data governance mechanisms such as access control measures and audit systems. This ability to control and audit data usage and access is key to any monetization initiative. There is no question that there are new revenue opportunities waiting to be unlocked by securely and privately leveraging existing data assets in a privacy-preserving manner. However, while pursuing technical answers to the question of "Can we?" organizations must also consider the foundational question of "Should we?" before they embark. Data monetization is a cross-functional undertaking and it Cyber Defense eMagazine – August 2021 Edition 72 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
is important that all internal stakeholders, including privacy, security, and legal teams, are involved to help identify and mitigate potential risks, and ensure that monetization activities are pursued in a way that fully respects the privacy and security of the data as well as those leveraging it. Privacy Enhancing Technologies can deliver on that commitment, providing organizations with a path to responsibly leveraging data assets. About the Author Dr. Ellison Anne Williams is the Founder and CEO of Enveil. Building on more than a decade of experience leading avantgarde efforts in the areas of large scale analytics, information security and privacy, computer network exploitation, and network modeling, she founded the startup in 2016 to protect sensitive data while it's being used or processed – the 'holy grail' of data encryption. Ellison Anne leverages her deep technical background and a passion for evangelizing the impact of disruptive technologies to cultivate category-defining solutions that enable secure data search, analytics, sharing, and collaboration. She holds a Ph.D. in mathematics (algebraic combinatorics), an M.S. in mathematics (set theoretic topology), and an M.S. in computer science (machine learning). Cyber Defense eMagazine – August 2021 Edition 73 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Understanding The Importance of Des
Page 3 and 4:
From Security-Enhanced 5G Networks
Page 5 and 6:
@CYBERDEFENSEMAG InfoSec Knowledge
Page 7 and 8:
Cyber Defense eMagazine - August 20
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22: Cyber Defense eMagazine - August 20
Page 33 and 34: Understanding The Importance of Des
Page 35 and 36: 4. Is there some sort of final secu
Page 37 and 38: Evaluating Security Practices in Re
Page 39 and 40: After answering these questions and
Page 41 and 42: • Microsoft released patches for
Page 43 and 44: Four Ways Smart Cities Can Stay Saf
Page 45 and 46: From the technology perspective, th
Page 47 and 48: The Psychology of a Cybercriminal M
Page 49 and 50: Hacktivism One often-overlooked cyb
Page 51 and 52: A 2019 study revealed that 91% of e
Page 53 and 54: • Regularly check and update your
Page 55 and 56: ● ● Regulatory fines and penalt
Page 57 and 58: But how can leaders prepare for a r
Page 59 and 60: Black Market as Sustainable Ecosyst
Page 61 and 62: shopping centers, trade malls and t
Page 63 and 64: PKI Rises to the Challenge Using X.
Page 65 and 66: 7. Application Code Signing Code si
Page 67 and 68: Greater IT Freedom with Tighter IT
Page 69 and 70: Ninety percent of respondents say e
Page 71: A PETs-Enabled Path to Secure & Pri
Page 75 and 76: Automated scanning is not enough Ma
Page 77 and 78: continuous game of catching up each
Page 79 and 80: Top Tips Every SMB Must Know to Saf
Page 81 and 82: where hackers will either change a
Page 83 and 84: From Security-Enhanced 5G Networks
Page 85 and 86: of intelligence, the latter being d
Page 87 and 88: About the Author David Soldani rece
Page 89 and 90: The unpredictability component in c
Page 91 and 92: anticipating the blind spots of the
Page 93 and 94: Cybercrime is constantly on the ris
Page 95 and 96: How Much Will You Have to Pay to Be
Page 97 and 98: and California Consumer Privacy Act
Page 99 and 100: It’s Time to Issue Company Passwo
Page 101 and 102: Non-Enterprise Grade Communication
Page 103 and 104: How to Communicate with your employ
Page 105 and 106: Security Issues of Working Remotely
Page 107 and 108: Another way a leak or theft can hap
Page 109 and 110: However, new research finds almost
Page 111 and 112: To Reduce Risk, Feds Need To Reeval
Page 113 and 114: environment, designed to address wo
Page 115 and 116: A penetration test has two typical
Page 117 and 118: Black Box In the event of a real cy
Page 119 and 120: which represent the highly polarize
Page 121 and 122: 5 Tips to Prevent a Security Breach
Page 123 and 124:
Secrets detection can be added in t
Page 125 and 126:
when it reaches its destination. Th
Page 127 and 128:
Maturity-Based Approach vs. Risk-Ba
Page 129 and 130:
To be successful in using a risk-ba
Page 131 and 132:
About eSentire eSentire Inc., is th
Page 133 and 134:
adjust score weights to ensure fina
Page 135 and 136:
Hostname-based pattern model Traffi
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
You asked, and it’s finally here
Page 145 and 146:
9 Years in The Making… Thank You
Page 147 and 148:
show all

Cyber Defense eMagazine August Edition for 2021

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?