Post on 23-Jul-2020
Asif Dhanani Sr. Manager, Cyber Security
Protecting Your Data in the Digital Era
www.pwc.com
PwC Alliances
Facts
2018 so far…..Number of breaches in 2018 so far have already surpassed total number from 2017
Top breaches so far by industry and region:• Government/Nation (APAC) – 1.1 Billion records January 3, 2018
• Marketing (NA) – 340 Million records June 26, 2018
• Retail and Online vendor app (NA) – 150 Million records May 25, 2018
• Online Service Provider (NA)– 92 Million records June 4, 2018
• Payment Processor (NA) – 14 Million records exposed (still under review) September 2018
PwC Alliances
Data is the new currency….
Proliferation of dataOrganizations are monetizing data to generate revenue. For example: Travel, Food Delivery Services, Banking, Online Shopping etc.
Implication Individual privacy is at stake. Consumer awareness New Federal and State regulations (GDPR, CCPA etc.)
Our ChallengeHow to create, use and share data without compromising trust and privacy
PwC Alliances
How does data loss occur?
PwC AlliancesPwC AlliancesPwC Alliances
Capabilities must work together to protect data:
• Identity Access Management• Threat and Vulnerability Management• Third Party Risk Management• Secure Awareness• Security Operation Center (SOC/SEIM)
• (Firewalls, IDS/IPS, Web Proxies, Email gateways)• Data Protection
PwC Alliances
A data protection program should protect data from the start.
PwC Alliances
Anatomy of Data Loss: Lessons learned
PwC Alliances
Encryption and Tokenization are key to achieving organizational data protection
PwC Alliances
Data Protection within the Data Lifecycle
1. Create
2. Store
3. Use
4. Share
5. Archive
6. Destroy
Data protection must start at this level…
PwC Alliances
Thank you!
© 2016 PwC. All rights reserved. Not for further distribution without the permission of PwC. “PwC” refers to the network of member firms of PricewaterhouseCoopers International Limited (PwCIL), or, as the context requires, individual member firms of the PwC network. Each member firm is a separate legal entity and does not act as agent of PwCIL or any other member firm. PwCIL does not provide any services to clients. PwCIL is not responsible or liable for the acts or omissions of any of its member firms nor can it control the exercise of their professional judgment or bind them in any way. No member firm is responsible or liable for the acts or omissions of any other member firm nor can it control the exercise of another member firm’s professional judgment or bind another member firm or PwCIL in any way.
Speaker contact information:Asif Dhanani, CISSP, CISA, CISMasif.m.dhanani@pwc.com