Eryk B. Pratama
IT Advisory & Cyber Security Consultant at Global Consulting Firm
Asosiasi Ilmuwan Data Indonesia (AIDI)
Komunitas Data Privacy & Protection Indonesia
29 July 2020
AIDI Webinar
The Rise of Data Ethics & Security
About Me
❑ Global IT Advisory & Cyber Security Professional
❑ Asosiasi Ilmuwan Data Indonesia (AIDI)
❑ Komunitas Data Privacy & Protection Indonesia
❑ International Association of Privacy Professional (IAPP)
❑ Information Systems Audit and Control Association (ISACA)
❑ Community Enthusiast
❑ Blogger / Writer
❑ Knowledge Hunter
❑ https://medium.com/@proferyk
❑ https://www.slideshare.net/proferyk
https://www.linkedin.com/in/erykbudipratama/
You can subscribe to my telegram channel.
▪ IT Advisory & Risk (t.me/itadvindonesia)
▪ Data Privacy & Protection (t.me/dataprivid)
▪ Komunitas Data Privacy & Protection (t.me/dataprotectionid)
Agenda
01 Introduction
02 Data Ethics
03 Big Data Security
Introduction
Data Ethics & Privacy News
Data/Information Lifecycle
Source: ISACA – Getting Started with Data Governance with COBIT 5
It is important to plan the life cycle of data along with their placement within the governance structure. As practices
operate, the data supporting or underlying them reach the various levels of their natural life cycles. Data is planned,
designed, acquired, used, monitored and disposed of.
Critical information security control
Store | Data at Rest Share | Data in Motion Use | Data in Use
A growing reliance on data and analytics triggers the rise of Four
Anchors to make analytics more trusted
▪ Does it perform as intended?
▪ Are the inputs and the development process high quality?
▪ Is its use considered acceptable?
▪ Is its long term operation optimised?
Percentage of respondents who reported being very confident in their D&A insights
Source: https://home.kpmg/pl/en/home/insights/2018/01/report-building-trust-in-analytics.html
Data sourcing is the key stage for trust in the analytics lifecycle
Source: https://home.kpmg/pl/en/home/insights/2018/01/report-building-trust-in-analytics.html
Data Ethics
Ethics in Data Processing
Impact on People
In the context of personal data, data represent the characteristics of individuals that can later be used
to make decisions that affect the life of the individual, for example health data / medical
records. What is the impact if a medical record is leaked? Unauthorized and irresponsible people can
exploit it for financial gain, for example by selling medical records to companies that need the data.
Abuse Potential
Misuse of data can have a negative impact on individuals. For example, after we register for a credit card at
the mall, there will mostly be offers from other credit card providers or other advertisers,
and we ask from where or from whom the salesperson obtained our number. Another example is the
leak of the permanent voter list (which the KPU said was indeed open to the public). What can
be done with that data? It can be sold to certain parties. For criminals, this information can be
used for fraud activities.
The economic value of data
Proper data processing will provide economic value. The ethics of the data owner can determine how
this value is obtained and who may take economic value from the data.
Implementation of Data Ethics
Vision
Vision really determines the direction / goals of the organization. In this context, the organization
needs to determine what ethical data usage is in the organization. The vision can be adopted from
data ethics principles chosen by Management.
Strategy
Strategies are arranged to achieve the vision. In this case, organizations need to develop strategies
so that data ethics can be applied and carried out consistently as part of the organization's culture.
Governance
To "force" stakeholders to carry out data ethics practices, organizations need to develop effective
policies and procedures and ensure that each related party has clearly defined responsibilities.
Infrastructure & Architecture
Managing complex data (especially for large organizations) will certainly be easier and integrated if
the organization has visibility of all data and is outlined in architecture (for example Enterprise
Architecture) and supported by systems and infrastructure that are qualified and reliable.
Data Insight
The use of insight to support clear and accurate data results is certainly very necessary. Use of tools
(such as dashboards) can help organizations monitor and provide early warnings of potential ethical
data violations.
Training & Development
People are the main factor in the context of data ethics. Organizations need to conduct training
related to ethics in the use (and misuse) of data. Of course this can be done when the organization
conducts socialization or training related to Data Privacy and Personal Data Protection, because data
ethics is attached to both.
2020 ??
Understanding regulatory requirements is very important
Regulation: RUU Perlindungan Data Pribadi
Key Highlight
▪ Explicit Consent is required from the data owner for
personal data processing.
▪ Response timelines for data subject rights have been
separately called out in the RUU PDP.
▪ Data controller to notify the data owner and the Minister
within 3 days of data breach.
▪ Penalties for non-compliance may range from Rp 20 Billion
to Rp 70 Billion or imprisonment ranging from 2 to 7 years.
Data Owner | Data Controller | Data Processor | Data Protection Officer
Sample RUU PDP Article: Visual Processing Tools
Privacy Regulation Impact for Data Scientist
Data scientists working with user data are facing several challenges:
1. Making data both protected and accessible (for when lawful disclosure is required)
2. Creating ways of data sharing and processing that not only preserve privacy but allow retracting
information, if need be
3. Maintaining enough flexibility and interpretability to provide sufficient transparency of processes (and
additionally to future-proof the technology)
4. Learning to work with limited data, where its usage is restricted or regulated by law
5. For projects intended for multiple countries: providing compliance with varying regional laws
regarding data privacy and security
User Profiling | Consent Management | Data Decrement
Data Masking
Encryption
Tokenization
Anonymization
Pseudonymization
Source: https://teskalabs.com/blog/data-privacy-pseudonymization-anonymization-encryption
Pseudonymized
Anonymized
Data Masking - Tokenization
Source: https://blog.thalesesecurity.com/2015/02/05/token-gesture-vormetric-unveils-new-tokenization-solution/
No sensitive data is stored in the production
database
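The tokenization and pseudonymization items above, as an added Python sketch (not from the original slides): a token vault keeps the real value outside the production table, and a keyed HMAC gives a stable pseudonym that still allows joins. The class and function names, the `payments` role, the key and the sample record are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Hypothetical in-memory vault; in practice a separate, hardened service."""

    def __init__(self, allowed_roles=("payments",)):
        self._token_to_value = {}
        self._value_to_token = {}
        self._allowed_roles = set(allowed_roles)

    def tokenize(self, value):
        # Reuse the existing token so one card always maps to one token.
        if value in self._value_to_token:
            return self._value_to_token[value]
        # Random token: no mathematical relation to the value, unlike encryption.
        token = "tok_" + secrets.token_hex(8)
        while token in self._token_to_value:
            token = "tok_" + secrets.token_hex(8)
        self._token_to_value[token] = value
        self._value_to_token[value] = token
        return token

    def detokenize(self, token, role):
        # Only roles with a business need may recover the original value.
        if role not in self._allowed_roles:
            raise PermissionError(f"role {role!r} may not detokenize")
        return self._token_to_value[token]


def pseudonymize(value, key):
    """Keyed pseudonym: stable per key, cannot be recomputed without the key."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def to_production_row(customer, vault, key):
    """Build the row that is stored in the production database."""
    return {
        "customer_ref": pseudonymize(customer["national_id"], key),
        "card_token": vault.tokenize(customer["card_number"]),
        "city": customer["city"],  # coarse attribute kept as is
    }


# Constructed sample record (test card number, made-up ID number).
SAMPLE = {"national_id": "3174000000000001",
          "card_number": "4111111111111111",
          "city": "Jakarta"}

if __name__ == "__main__":
    vault = TokenVault()
    row = to_production_row(SAMPLE, vault, key=b"demo-key-rotate-me")
    print(row)  # contains neither the card number nor the ID number
    print(vault.detokenize(row["card_token"], role="payments"))
```

The pseudonym key and the vault both have to live outside the production database; if either is stored next to the rows, the mapping back to the person can be rebuilt.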
Privacy Control in ETL Process
Source: Big Data Privacy: a Technological Perspective and Review
Big data architecture brings new paradigms for privacy conformance testing in the four areas of the ETL
(Extract, Transform, and Load) processes, as described below.
1. Pre‐Hadoop process validation. This step represents the data loading process. At this step, the
privacy specifications characterize the sensitive pieces of data that can uniquely identify a user or an entity. Privacy
terms can likewise indicate which pieces of data can be stored and for how long. Schema restrictions
can take place at this step as well.
2. Map‐reduce process validation. This process changes big data assets to effectively react to a query. Privacy
terms can tell the minimum number of returned records required to cover individual values, in addition to
constraints on data sharing between various processes.
3. ETL process validation. Similar to step (2), warehousing rationale should be confirmed at this step for compliance
with privacy terms. Some data values may be aggregated anonymously or excluded from the warehouse if they
indicate a high probability of identifying individuals.
4. Reports testing. Reports are another form of questions, conceivably with higher visibility and a wider audience.
Privacy terms that characterize 'purpose' are fundamental to check that sensitive data is not reported, with the
exception of specified uses.
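One way to express the four checks above as code, as an added Python sketch (not from the cited paper or the slides): direct identifiers are dropped at load, groups below a minimum size are suppressed during aggregation, and a report is checked against the fields allowed for its purpose. The field names, the threshold of 3, the purpose table and the sample rows are all constructed assumptions.

```python
from collections import Counter

# Assumed privacy specification (step 1): fields that identify a person directly.
DIRECT_IDENTIFIERS = {"name", "national_id", "phone"}
# Assumed privacy term (steps 2 and 3): smallest group that may be released.
MIN_GROUP_SIZE = 3
# Assumed purpose terms (step 4): fields each report purpose may contain.
ALLOWED_FIELDS = {"public_health_stats": {"age_band", "city", "count"}}


def load(rows):
    """Step 1: schema restriction, direct identifiers never enter the cluster."""
    return [{k: v for k, v in row.items() if k not in DIRECT_IDENTIFIERS}
            for row in rows]


def aggregate(rows, keys, min_size=MIN_GROUP_SIZE):
    """Steps 2-3: count per group and suppress groups smaller than min_size.

    The suppressed total is for internal monitoring only: published next to
    a grand total it could let a small group be derived by subtraction.
    """
    counts = Counter(tuple(row[k] for k in keys) for row in rows)
    released = [dict(zip(keys, group), count=n)
                for group, n in sorted(counts.items()) if n >= min_size]
    suppressed = sum(n for n in counts.values() if n < min_size)
    return released, suppressed


def check_report(report, purpose, min_size=MIN_GROUP_SIZE):
    """Step 4: list of violations; an empty list means the report conforms."""
    allowed = ALLOWED_FIELDS.get(purpose, set())
    problems = []
    for i, line in enumerate(report):
        extra = set(line) - allowed
        if extra:
            problems.append(f"row {i}: {sorted(extra)} not allowed for {purpose}")
        if line.get("count", 0) < min_size:
            problems.append(f"row {i}: group size below {min_size}")
    return problems


# Constructed sample input: seven made-up patient rows.
RAW = [
    {"name": "A", "national_id": "0001", "age_band": "30-39", "city": "Jakarta"},
    {"name": "B", "national_id": "0002", "age_band": "30-39", "city": "Jakarta"},
    {"name": "C", "national_id": "0003", "age_band": "30-39", "city": "Jakarta"},
    {"name": "D", "national_id": "0004", "age_band": "30-39", "city": "Jakarta"},
    {"name": "E", "national_id": "0005", "age_band": "40-49", "city": "Bandung"},
    {"name": "F", "national_id": "0006", "age_band": "40-49", "city": "Bandung"},
    {"name": "G", "national_id": "0007", "age_band": "60-69", "city": "Medan"},
]

if __name__ == "__main__":
    released, suppressed = aggregate(load(RAW), ["age_band", "city"])
    print(released, suppressed)
    print(check_report(released, "public_health_stats"))
```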
Big Data Security
Data Governance: Common Area
Source: https://www.pinterest.com/pin/838584393089888744/
Data security is one of the foundational and important
areas in data governance
Big Data : Big risks
Big Data carries significant security, privacy, and transfer risks that are real and will continue to escalate. It is important
that companies give consideration to the risks related to:
▪ Identification
▪ Re-identification
▪ Predictive analytics
▪ Indiscriminate collection of data
▪ Increased risk of data breach
These can result in new data creation when combining data from a multitude of sources as organizations seek to
optimize their Big Data programs.
Challenge to Big Data Security & Privacy
• Protecting Transaction Logs and Data
• Validation and Filtration of End-Point Inputs
• Securing Distributed Framework Calculations and Other
Processes
• Securing and Protecting Data in Real Time
• Protecting Access Control Method Communication and
Encryption
• Data Provenance
• Granular Auditing
• Granular access control
• Privacy Protection for Non-Relational Data Stores
Big Data governance
Re-identification risk
Third Parties risk
Interpreting current regulations and anticipating future regulations
Maintaining privacy and security requirements
Approach to Building out Big Data Security and Privacy Program
Source: KPMG – Navigating Big Data Privacy and Security Challenges
Data Governance
A data governance program must be established that provides clear direction for how
the data is handled and protected by the organization.
Compliance
Organizations must identify and understand the security and privacy regulations
that apply to the data they store, process, and transmit.
Data use cases and data feed approval
A key consideration in the adoption of any new data feed is that the potential risk
for re-identification increases when existing data feeds are combined with new data
feeds.
Consent Management
Customer consent management is critical to the successful implementation of any Big
Data governance. Customer consent requires Transparency, Consistency, and
Granularity.
Access management
Organizations must effectively control who within the organization has access to the
data sets.
Anonymization
Anonymization means removing all Personally Identifiable Information (PII) from a
data set and permanently turning it into non-identifying data.
Data sharing/third-party management
Organizations maintain a responsibility to their customers as they share data with
third parties.
Differential Privacy (DP) Mechanism
Data Transformation
Differential Privacy (DP) was conceived to prevent unwanted re-identification and other
privacy threats to individuals whose personal information is present in large datasets, while still providing useful access to
the data. Under the DP model, personal information in a large database is not modified and released for analysts to use.
Original Data → Transform → Coefficients → Noise → Noisy Coefficients → Invert → Private Data
General Idea
▪ Apply transform of data
▪ Add noise in the transformed space (based on sensitivity)
▪ Publish noisy coefficients, or invert transform (post-processing)
Goal
▪ Pick a transform that preserves good properties of data
▪ And which has low sensitivity, so noise does not corrupt
[Sample] Laplace Noise
scaled by sensitivity
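The transform, noise, invert idea above, as an added Python sketch (not from the original slides). It assumes a histogram query and uses a binary tree of interval counts as the transform, a choice made for this example; the bin counts, `epsilon` values and function names are constructed.

```python
import random

# Sketch only: production systems use vetted DP libraries, because naive
# floating-point Laplace sampling can itself leak information.


def transform(hist):
    """Transform: histogram -> levels of interval counts, root first, bins last."""
    n = len(hist)
    if n == 0 or n & (n - 1):
        raise ValueError("number of bins must be a power of two")
    levels = [list(hist)]
    while len(levels[0]) > 1:
        low = levels[0]
        levels.insert(0, [low[i] + low[i + 1] for i in range(0, len(low), 2)])
    return levels


def sensitivity(levels):
    """L1 sensitivity: adding or removing one person changes one node per level by 1."""
    return len(levels)


def laplace(rng, scale):
    # The difference of two exponential draws is Laplace(0, scale).
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def add_noise(levels, epsilon, rng):
    """Noise in the transformed space, scaled by sensitivity / epsilon."""
    scale = sensitivity(levels) / epsilon
    return [[v + laplace(rng, scale) for v in level] for level in levels]


def invert(levels):
    """Post-processing: the last level is the (noisy) histogram itself."""
    return list(levels[-1])


def range_count(levels, lo, hi):
    """Post-processing: count in bins lo..hi-1 from the fewest tree nodes.

    Returns (answer, nodes_used); fewer noisy nodes means less accumulated noise.
    """
    total, used = 0.0, 0
    stack = [(0, 0, 0, len(levels[-1]))]  # (level, index, first bin, end bin)
    while stack:
        level, idx, start, end = stack.pop()
        if hi <= start or end <= lo:
            continue  # no overlap with the query
        if lo <= start and end <= hi:
            total += levels[level][idx]  # node lies fully inside the query
            used += 1
            continue
        mid = (start + end) // 2
        stack.append((level + 1, 2 * idx, start, mid))
        stack.append((level + 1, 2 * idx + 1, mid, end))
    return total, used


# Constructed sample: number of people in eight age bands.
AGE_HIST = [12, 30, 45, 41, 27, 15, 6, 2]

if __name__ == "__main__":
    rng = random.Random(2020)  # fixed seed only so the demo is repeatable
    noisy = add_noise(transform(AGE_HIST), epsilon=0.5, rng=rng)
    print("true  bins 1..6:", sum(AGE_HIST[1:7]))
    print("noisy bins 1..6:", range_count(noisy, 1, 7))
    print("noisy histogram:", [round(v, 1) for v in invert(noisy)])
```

A low-sensitivity transform matters here because the noise scale is sensitivity divided by epsilon: this tree costs a factor of 4 in noise per node, but a range over six bins is answered from four noisy nodes instead of six.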
Differential Privacy (DP) Implementation - Example
Uber uses DP as part of their data analysis pipeline and other development workflows. A novel aspect of their
implementation is the use of Elastic Sensitivity, a technique that allows you to compute the sensitivity of a query and meets
Uber’s demanding performance and scalability requirements.
Source: https://medium.com/uber-security-privacy/differential-privacy-open-source-7892c82c42b6
Case Study
Case Study: Big Data IT Audit & Penetration Testing
The Client is planning to launch the XYZ Big Data platform after the development process is done. It is important for the Client to ensure that the XYZ Big Data
application and its infrastructure systems are properly protected and secured.
Scope: XYZ Big Data Platform, ABC Cloud-based Machine Learning, and supporting infrastructure
Top Findings / Issues
Penetration Testing
▪ Default login password leads to root access
▪ Unrestricted access to administration web page
▪ Unrestricted access to shared folder directory leads to sensitive information disclosure (e.g. KTP, invoice)
▪ User information disclosure via Insecure Direct Object Reference (IDOR)
IT Audit
▪ Shared user ID: There is a shared user ID/admin account for both database and application levels
▪ Access Administration: Administrator access to the application can be granted and authorized by users themselves
▪ Activity Log: Review over logs of administrative user activities could not be conducted
Thank You ☺
https://medium.com/@proferyk
https://www.slideshare.net/proferyk
IT Advisory & Risk (t.me/itadvindonesia)
Data Privacy & Protection (t.me/dataprivid)
Komunitas Data Privacy & Protection (t.me/dataprotectionid)

 
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web ApplicationWeb Application Hacking - The Art of Exploiting Vulnerable Web Application
Web Application Hacking - The Art of Exploiting Vulnerable Web Application
 
Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)Emerging Technology Risk Series - Internet of Things (IoT)
Emerging Technology Risk Series - Internet of Things (IoT)
 
Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)
 
IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5IT Governance - Capability Assessment using COBIT 5
IT Governance - Capability Assessment using COBIT 5
 
IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?IT Governance - Governing IT: Do or Die?
IT Governance - Governing IT: Do or Die?
 
Data Privacy & Security
Data Privacy & SecurityData Privacy & Security
Data Privacy & Security
 
IT Operating Model - Fundamental
IT Operating Model - FundamentalIT Operating Model - Fundamental
IT Operating Model - Fundamental
 
Software Development Methodology - Unified Process
Software Development Methodology - Unified ProcessSoftware Development Methodology - Unified Process
Software Development Methodology - Unified Process
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
 
IT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability AssessmentIT Governance - COBIT 5 Capability Assessment
IT Governance - COBIT 5 Capability Assessment
 

Recently uploaded

毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degreeyuu sss
 
Multiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfMultiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfchwongval
 
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...Boston Institute of Analytics
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesTimothy Spann
 
Vision, Mission, Goals and Objectives ppt..pptx
Vision, Mission, Goals and Objectives ppt..pptxVision, Mission, Goals and Objectives ppt..pptx
Vision, Mission, Goals and Objectives ppt..pptxellehsormae
 
Heart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectHeart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectBoston Institute of Analytics
 
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGILLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGIThomas Poetter
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.natarajan8993
 
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default  Presentation : Data Analysis Project PPTPredictive Analysis for Loan Default  Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPTBoston Institute of Analytics
 
detection and classification of knee osteoarthritis.pptx
detection and classification of knee osteoarthritis.pptxdetection and classification of knee osteoarthritis.pptx
detection and classification of knee osteoarthritis.pptxAleenaJamil4
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024thyngster
 
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Thomas Poetter
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档208367051
 
Semantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxSemantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxMike Bennett
 
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfPredicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfBoston Institute of Analytics
 
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...ssuserf63bd7
 
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...Boston Institute of Analytics
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...limedy534
 
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Boston Institute of Analytics
 

Recently uploaded (20)

毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
 
Multiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfMultiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdf
 
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...
NLP Data Science Project Presentation:Predicting Heart Disease with NLP Data ...
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
 
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
 
Vision, Mission, Goals and Objectives ppt..pptx
Vision, Mission, Goals and Objectives ppt..pptxVision, Mission, Goals and Objectives ppt..pptx
Vision, Mission, Goals and Objectives ppt..pptx
 
Heart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis ProjectHeart Disease Classification Report: A Data Analysis Project
Heart Disease Classification Report: A Data Analysis Project
 
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGILLMs, LMMs, their Improvement Suggestions and the Path towards AGI
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI
 
RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.RABBIT: A CLI tool for identifying bots based on their GitHub events.
RABBIT: A CLI tool for identifying bots based on their GitHub events.
 
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default  Presentation : Data Analysis Project PPTPredictive Analysis for Loan Default  Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
 
detection and classification of knee osteoarthritis.pptx
detection and classification of knee osteoarthritis.pptxdetection and classification of knee osteoarthritis.pptx
detection and classification of knee osteoarthritis.pptx
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
 
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
Minimizing AI Hallucinations/Confabulations and the Path towards AGI with Exa...
 
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
原版1:1定制南十字星大学毕业证(SCU毕业证)#文凭成绩单#真实留信学历认证永久存档
 
Semantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxSemantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptx
 
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfPredicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
 
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
Statistics, Data Analysis, and Decision Modeling, 5th edition by James R. Eva...
 
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...
Data Analysis Project : Targeting the Right Customers, Presentation on Bank M...
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
 
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
Decoding the Heart: Student Presentation on Heart Attack Prediction with Data...
 

The Rise of Data Ethics and Security - AIDI Webinar

  • 1. Eryk B. Pratama IT Advisory & Cyber Security Consultant at Global Consulting Firm Asosiasi Ilmuwan Data Indonesia (AIDI) Komunitas Data Privacy & Protection Indonesia 29 July 2020 AIDI Webinar The Rise of Data Ethics & Security
  • 2. About Me ❑ Global IT Advisory & Cyber Security Professional ❑ Asosiasi Ilmuwan Data Indonesia (AIDI) ❑ Komunitas Data Privacy & Protection Indonesia ❑ International Association of Privacy Professional (IAPP) ❑ Information Systems Audit and Control Association (ISACA) ❑ Community Enthusiast ❑ Blogger / Writer ❑ Knowledge Hunter ❑ https://medium.com/@proferyk ❑ https://www.slideshare.net/proferyk https://www.linkedin.com/in/erykbudipratama/ You can subscribe to my telegram channel. ▪ IT Advisory & Risk (t.me/itadvindonesia) ▪ Data Privacy & Protection (t.me/dataprivid) ▪ Komunitas Data Privacy & Protection (t.me/dataprotectionid)
  • 3. Agenda 01 Introduction 02 Data Ethics 03 Big Data Security
  • 5. Data Ethics & Privacy News Introduction
  • 6. Data/Information Lifecycle Introduction Source: ISACA – Getting Started with Data Governance with COBIT 5 It is important to plan the life cycle of data along with their placement within the governance structure. As practices operate, the data supporting or underlying them reach the various levels of their natural life cycles. Data is planned, designed, acquired, used, monitored and disposed of. Critical information security control Store | Data at Rest Share | Data in Motion Use | Data in Use
  • 7. A growing reliance on data and analytics triggers the rise of Four Anchors to make analytics more trusted Introduction Does it perform as intended? Are the inputs and the development process high quality? Is its use considered acceptable? Is its long term operation optimised? Percentage of respondents who reported being very confident in their D&A insights Source: https://home.kpmg/pl/en/home/insights/2018/01/report-building-trust-in-analytics.html
  • 8. Data sourcing is the key trust in stage of the analytics lifecycle Introduction Source: https://home.kpmg/pl/en/home/insights/2018/01/report-building-trust-in-analytics.html
  • 10. Ethics in Data Processing Data Ethics In the context of personal data, data represent the characteristics of individuals that can later be used to determine decisions that can affect the life of the individual. For example, health data / medical records. What is the impact if a medical record is leaked? Unauthorized and irresponsible people can exploit it for financial needs, for example by selling medical records to companies that need the data. Impact on People Abuse Potential The economic value of data Misuse of data can have a negative impact on individuals. For example, when we register for a credit card at the mall, offers usually follow from other credit card providers or other advertisers, and we are left asking from where or from whom the salesperson obtained our number. Another example is the leak of the permanent voter list (which the KPU said was indeed open to the public). What can be done with that data? It can be sold to certain parties. For criminals, this information can be used for fraud activities. Proper data processing will provide economic value. The ethics of the data owner can determine how this value is obtained and who may take economic value from the data.
  • 11. Implementation of Data Ethics Data Ethics Vision Vision really determines the direction / goals of the organization. In this context, the organization needs to determine what ethical data usage is in the organization. The vision can be adopted from data ethics principles chosen by Management. Strategy Strategies are arranged to achieve the vision. In this case, organizations need to develop strategies so that data ethics can be applied and carried out consistently as part of the organization's culture. Governance To "force" stakeholders to carry out data ethics practices, organizations need to develop effective policies and procedures and ensure that each related party has clearly defined responsibilities. Infrastructure & Architecture Managing complex data (especially for large organizations) will certainly be easier and integrated if the organization has visibility of all data and is outlined in architecture (for example Enterprise Architecture) and supported by systems and infrastructure that are qualified and reliable. Data Insight The use of insight to support clear and accurate data results is certainly very necessary. Use of tools (such as dashboards) can help organizations monitor and provide early warnings of potential ethical data violations. Training & Development People are the main factor in the context of data ethics. Organizations need to conduct training related to ethics in the use (and misuse) of data. Of course this can be done when the organization conducts socialization or training related to Data Privacy and Personal Data Protection, because data ethics is attached to both
  • 12. 2020 ?? Understanding regulatory requirements is very important
  • 13. Regulation: RUU Perlindungan Data Pribadi Data Ethics Key Highlight ▪ Explicit Consent is required from the data owner for personal data processing. ▪ Responding timelines for Data subject rights have been separately called out in the RUU PDP. ▪ Data controller to notify the data owner and the Minister within 3 days of data breach. ▪ Penalties for non-compliance may range from Rp 20 Billion to Rp 70 Billion or Imprisonment ranging from 2 to 7 years Data Owner Data Controller Data Processor Data Protection Officer
  • 14. Sample RUU PDP Article: Visual Processing Tools Data Ethics
  • 15. Privacy Regulation Impact for Data Scientist Data Ethics Data scientists working with user data are facing several challenges: 1. Making data both protected and accessible (for when lawful disclosure is required) 2. Creating ways of data sharing and processing that not only preserve privacy but allow retracting information, if need be 3. Maintaining enough flexibility and interpretability to provide sufficient transparency of processes (and additionally to future-proof the technology) 4. Learning to work with limited data, where its usage is restricted or regulated by law 5. For projects intended for multiple countries: providing compliance with varying regional laws regarding data privacy and security User Profiling Consent Management Data Decrement
  • 16. Data Masking Data Ethics Encryption Tokenization Anonymization Pseudonymization Source: https://teskalabs.com/blog/data-privacy-pseudonymization-anonymization-encryption Pseudonymized Anonymized
  • 17. Data Masking - Tokenization Data Ethics Source: https://blog.thalesesecurity.com/2015/02/05/token-gesture-vormetric-unveils-new-tokenization-solution/ No sensitive data is stored in the production database
  • 18. Privacy Control in ETL Process Data Ethics Source: Big Data Privacy: a Technological Perspective and Review Big data architecture and testing area new paradigms for privacy conformance testing to the four areas of the ETL (Extract, Transform, and Load) processes
  • 19. Privacy Control in ETL Process Data Ethics Source: Big Data Privacy: a Technological Perspective and Review Big data architecture and testing area new paradigms for privacy conformance testing to the four areas of the ETL (Extract, Transform, and Load) processes as described below. 1. Pre‐Hadoop process validation. This step represents the data loading process. At this step, the privacy specifications characterize the sensitive pieces of data that can uniquely identify a user or an entity. Privacy terms can likewise indicate which pieces of data can be stored and for how long. At this step, schema restrictions can take place as well. 2. Map‐reduce process validation. This process changes big data assets to effectively react to a query. Privacy terms can tell the minimum number of returned records required to cover individual values, in addition to constraints on data sharing between various processes. 3. ETL process validation. Similar to step (2), warehousing rationale should be confirmed at this step for compliance with privacy terms. Some data values may be aggregated anonymously or excluded in the warehouse if that indicates high probability of identifying individuals. 4. Reports testing. Reports are another form of questions, conceivably with higher visibility and a wider audience. Privacy terms that characterize ‘purpose’ are fundamental to check that sensitive data is not reported with the exception of specified uses.
  • 21. Data Governance: Common Area Big Data Security Source: https://www.pinterest.com/pin/838584393089888744/ Data Security is one of foundational and important area in Data Governance
  • 22. Big Data : Big risks Big Data Security Big Data carries significant security, privacy, and transfer risks that are real and will continue to escalate. It is important that companies give consideration to the risks related to: Identification, Re-Identification, Predictive Analytics, Indiscriminate collection of data, and Increased risk of data breach, which can result in new data creation when combining data from a multitude of sources as organizations seek to optimize their Big Data programs.
  • 23. Challenge to Big Data Security & Privacy Big Data Security • Protecting Transaction Logs and Data • Validation and Filtration of End-Point Inputs • Securing Distributed Framework Calculations and Other Processes • Securing and Protecting Data in Real Time • Protecting Access Control Method Communication and Encryption • Data Provenance • Granular Auditing • Granular access control • Privacy Protection for Non-Relational Data Stores Big Data governance Re-identification risk Third Parties risk Interpreting current regulations and anticipating future regulations Maintaining privacy and security requirements
  • 24. Approach to Building out Big Data Security and Privacy Program Big Data Security Source: KPMG – Navigating Big Data Privacy and Security Challenges Data Governance A data governance program must be established that provides clear direction for how the data is handled and protected by the organization. Compliance Organizations must identify and understand the security and privacy regulations that apply to the data they store, process, and transmit. Data use cases and data feed approval A key consideration in the adoption of any new data feed is that the potential risk for re-identification increases when existing data feeds are combined with new data feeds. Consent Management Customer consent management is critical to the successful implementation of any Big Data governance. Customer consent requires Transparency, Consistency, and Granularity. Access management Organizations must effectively control who within the organization has access to the data sets. Anonymization Anonymization means removing all Personally Identifiable Information (PII) from a data set and permanently turning it into non-identifying data. Data sharing/third-party management Organizations maintain a responsibility to their customers as they share data with third parties.
  • 25. Differential Privacy (DP) Mechanism Big Data Security Data Transformation Differential Privacy (DP) was conceived to deal with privacy threats to prevent unwanted re-identification and other privacy threats to individuals whose personal information is present in large datasets, while providing useful access to data. Under the DP model, personal information in a large database is not modified and released for analysts to use. Original Data Coefficients Noisy Coefficients Private Data Transform Noise Invert General Idea ▪ Apply transform of data ▪ Add noise in the transformed space (based on sensitivity) ▪ Publish noisy coefficients, or invert transform (post-processing) Goal ▪ Pick a transform that preserves good properties of data ▪ And which has low sensitivity, so noise does not corrupt [Sample] Laplace Noise scaled by sensitivity
  • 26. Differential Privacy (DP) Implementation - Example Big Data Security Uber uses DP as part of their data analysis pipeline and other development workflows. A novel aspect of their implementation is the use of Elastic Sensitivity, a technique that allows you to compute the sensitivity of a query and meets Uber’s demanding performance and scalability requirements. Source: https://medium.com/uber-security-privacy/differential-privacy-open-source-7892c82c42b6
  • 28. Case Study: Big Data IT Audit & Penetration Testing Case Study Client is planning to launch the XYZ Big Data platform after the development process is done. It is important for Client to ensure that the XYZ Big Data application and its infrastructure systems are properly protected and secured. Scope XYZ Big Data Platform, ABC Cloud-based Machine Learning, and supporting infrastructure Top Findings / Issues Penetration Testing IT Audit ▪ Default Login Password Lead To Root Access ▪ Unrestricted Access to Administration Web Page ▪ Unrestricted access to share folder directory leads to sensitive information disclosure (e.g. KTP, Invoice) ▪ User information disclosure via Insecure Direct Object Reference (IDOR) ▪ Shared user ID: There is a shared user ID/admin account for both database and application levels ▪ Access Administration: Administrator access to the application can be granted and authorized by users themselves ▪ Activity Log: Review over logs of administrative user activities could not be conducted
  • 29. Thank You ☺ https://medium.com/@proferyk https://www.slideshare.net/proferyk IT Advisory & Risk (t.me/itadvindonesia) Data Privacy & Protection (t.me/dataprivid) Komunitas Data Privacy & Protection (t.me/dataprotectionid)
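The four privacy checks listed on slide 19 (load-time schema and retention, minimum record count, warehouse aggregation, report purpose) can be written as conformance tests, as in this added example, which is not part of the original deck. The `PrivacySpec` format, field names and records are hypothetical and constructed for illustration, and reading "minimum number of returned records" as a minimum group size is an assumption.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class PrivacySpec:
    """Hypothetical privacy specification, constructed for this example."""
    allowed_fields: frozenset      # schema restriction applied at load time
    direct_identifiers: frozenset  # fields that uniquely identify a person
    retention_days: int            # how long a record may be stored
    min_group_size: int            # fewest records a returned group may cover
    report_purposes: dict          # purpose -> fields that purpose may see


SPEC = PrivacySpec(
    allowed_fields=frozenset({"patient_id", "district", "diagnosis", "collected"}),
    direct_identifiers=frozenset({"patient_id"}),
    retention_days=365,
    min_group_size=3,
    report_purposes={"public_health": frozenset({"district", "diagnosis", "patients"})},
)

TODAY = date(2020, 7, 29)
# Constructed sample records, not real data.
RECORDS = [
    {"patient_id": "P001", "district": "North", "diagnosis": "asthma", "collected": date(2020, 3, 1)},
    {"patient_id": "P002", "district": "North", "diagnosis": "asthma", "collected": date(2020, 4, 2)},
    {"patient_id": "P003", "district": "North", "diagnosis": "asthma", "collected": date(2020, 5, 9)},
    {"patient_id": "P004", "district": "South", "diagnosis": "asthma", "collected": date(2020, 6, 1)},
    {"patient_id": "P005", "district": "South", "diagnosis": "diabetes",
     "collected": date(2020, 6, 3), "phone": "constructed-value"},
    {"patient_id": "P006", "district": "North", "diagnosis": "diabetes", "collected": date(2018, 1, 15)},
]


def validate_load(records, spec, today):
    """Step 1: flag fields outside the schema and records past retention."""
    violations = []
    for index, rec in enumerate(records):
        extra = set(rec) - spec.allowed_fields
        if extra:
            violations.append((index, "field not in schema: " + ", ".join(sorted(extra))))
        if today - rec["collected"] > timedelta(days=spec.retention_days):
            violations.append((index, "past retention period"))
    return violations


def aggregate_for_warehouse(records, spec, group_keys):
    """Steps 2-3: aggregate without identifiers and suppress small groups."""
    if set(group_keys) & spec.direct_identifiers:
        raise ValueError("cannot group by a direct identifier")
    counts = Counter(tuple(rec[k] for k in group_keys) for rec in records)
    kept, suppressed = [], 0
    for key, n in sorted(counts.items()):
        if n >= spec.min_group_size:
            kept.append({**dict(zip(group_keys, key)), "patients": n})
        else:
            suppressed += n  # excluded: the group is small enough to single people out
    return kept, suppressed


def check_report(fields, purpose, spec):
    """Step 4: a report may only carry fields approved for its stated purpose."""
    allowed = spec.report_purposes.get(purpose)
    if allowed is None:
        return ["purpose not approved: " + purpose]
    return ["field not approved for purpose: " + f for f in sorted(set(fields) - allowed)]


if __name__ == "__main__":
    found = validate_load(RECORDS, SPEC, TODAY)
    bad = {index for index, _ in found}
    clean = [rec for index, rec in enumerate(RECORDS) if index not in bad]
    print(found)
    print(aggregate_for_warehouse(clean, SPEC, ("district", "diagnosis")))
    print(check_report(["district", "patient_id"], "public_health", SPEC))
```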
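The transform, noise, invert pipeline from slide 25, worked through as an added example that is not part of the original deck. The choice of transform (a tree of dyadic interval sums over a histogram), the add/remove-one-record neighbouring definition, and the sample counts are assumptions made here; the deck names no specific transform.

```python
import random

# Constructed sample: patient counts per age band (8 bins), not real data.
SAMPLE_HIST = [12, 30, 45, 60, 52, 33, 18, 6]


def build_tree(hist):
    """Transform: dyadic interval sums. levels[0] is the histogram itself,
    levels[-1] holds the single grand total."""
    n = len(hist)
    if n == 0 or n & (n - 1):
        raise ValueError("histogram length must be a power of two")
    levels = [list(hist)]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([prev[i] + prev[i + 1] for i in range(0, len(prev), 2)])
    return levels


def l1_sensitivity(levels):
    """Adding or removing one person changes one bin by 1, which changes
    exactly one node on every level, so the L1 sensitivity is the level count."""
    return len(levels)


def laplace(scale, rng):
    """Laplace(0, scale) drawn as the difference of two exponential draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def privatize(levels, epsilon, rng):
    """Noise: add Laplace noise scaled by sensitivity / epsilon to every
    coefficient. Illustration only: floating-point Laplace sampling with a
    non-cryptographic RNG is not hardened for production use."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    scale = l1_sensitivity(levels) / epsilon
    return [[value + laplace(scale, rng) for value in level] for level in levels]


def range_sum(levels, lo, hi):
    """Invert (post-processing): answer the count in bins [lo, hi) from the
    fewest tree nodes. Returns (estimate, number_of_nodes_used)."""
    if not 0 <= lo <= hi <= len(levels[0]):
        raise ValueError("range outside the histogram")
    total, used, level = 0.0, 0, 0
    while lo < hi:
        if lo & 1:               # left edge is a right child: take it alone
            total += levels[level][lo]
            lo += 1
            used += 1
        if hi & 1:               # right edge ends on a left child: take it alone
            hi -= 1
            total += levels[level][hi]
            used += 1
        lo >>= 1
        hi >>= 1
        level += 1
    return total, used


if __name__ == "__main__":
    exact = build_tree(SAMPLE_HIST)
    noisy = privatize(exact, epsilon=1.0, rng=random.Random(2020))
    print("sensitivity:", l1_sensitivity(exact))
    print("true count in bins 1..6:", range_sum(exact, 1, 7)[0])
    print("private estimate:", round(range_sum(noisy, 1, 7)[0], 1))
```

A range query touches at most 2·log2(n) noisy nodes, so on large domains the error of long ranges grows with the logarithm of the number of bins rather than with the range length.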