The Upside Down of Data Protection

GettyImages-970293696Big data estates, advanced analytics and insights, and the democratization of artificial intelligence (AI) are accelerating digital transformations aimed at harnessing the value of data across the business landscape. It is especially prominent in financial services, healthcare, and consumer services where customer experience reigns (and an unfortunate feeding ground for fraud and abuse).

Privacy professionals, data protection experts, legal authorities, and regulatory compliance agencies continue to respond to societal concerns with legislation about the collection, protection, consent, use/sale, retention, and destruction of personal and sensitive data, including but not limited to the breach notification, disclosure requirements, and third-party service provider responsibilities.

Since data is everywhere and growing exponentially, the data security industry has historically referred to the states of data as: data at rest, data in transit, and data in use. There are a lot of solutions in the market to help organizations that my colleague Christophe extensively and expertly covers for data at rest and intelligent data management. Equally, there are numerous commercial solutions for email, documents, websites, endpoints and networks. But, when it comes to data in use, what if we are stuck in the upside down?

What if we don’t collect sensitive data in the first place? What if we don’t store any sensitive data? What if we could encrypt everything across the value data chain--raw data, third-party data, streaming data, models, searches, queries, and results? What if we could never decrypt the sensitive data that we do have? And… derive more value, monetization, and collaborative insights from the data for business outcomes--at scale, across jurisdictions, and in-use without negative customer impact and delays to market, while minimizing risk and compliance challenges.

Recently, I spoke with brilliant people from companies like Cape Privacy, Duality, Enveil, and Very Good Security that are turning things around with commercially available privacy-enhancing technologies (PETS) and advancements in secure computation (homomorphic encryption), which will be featured in research publishing later this summer.

Please let us know if you would like to be contacted when this research becomes available.   

Topics: Cybersecurity Data Protection