Technical Panel: Data-Centric Security – A New Approach to Protecting, Sharing and Controlling NATO Data Assets

  • Room: Granby AB
Thursday, November 14, 2019: 9:30 AM - 11:30 AM

Speaker(s)

Moderator (confirmed)
Konrad Wrona, Dr.-Ing.
Principal Scientist
NATO Communications and Information Agency
Panelist (confirmed)
Alan Borland
Boldon James, UK
Panelist (confirmed)
Patricia Lee
ICAM Systems Engineer
Office of the Department of Defense Chief Information Officer (DoD CIO)
Panelist (confirmed)
LtCol Abigail Parkinson
NATO Allied Command Transformation
Panelist (confirmed)
Hemma Prafullchandra
Chief Technology Officer
Microsoft 365 Security+ Compliance
Panelist (confirmed)
Ryan Schultz
NATO Data Management Capability Team Chair
Data and Service Division, JS J6
Panelist (confirmed)
Gerry Talbert
Principal Advisor Information Assurance and Security (IAS)|C4S Group
Cyber and Information Systems Division, DSTL, UK

Description

Approved for 2 CompTIA CEUs: A+, Network+, Security+, Cloud+, CySA+, CASP+, PenTest+; 2 CertNexus CFR CECs and 2 GIAC CPEs

Recently, the Allied Command Transformation (ACT) has proposed a Vision and Strategy for adoption of a Data Centric Security (DCS) approach within the Alliance Federation. Data Centric Security has three main tenets where data is the key focus: Control, Protect and Share. As the Alliance Federation transitions to new CIS paradigms and faces increasingly changeable and dynamic operational conditions, understanding where data is located, how it flows, controlling its usage, identifying what risks it is exposed to and who is permitted to access it requires a comprehensive data centric approach. This includes the evolutionary enhancement of defence-in-depth and information sharing by focusing on the data itself through the development of a DCS approach. The DCS Vision and Strategy provides a framework for the development of capabilities related to data centric activities within the Alliance Federation. Acknowledging data - and information conveyed by this data - as a critical resource, DCS represents a comprehensive approach that will enhance our vital capability to control and protect NATO information and share it with trusted partners across the multiple security domains of the Alliance Federation. DCS will enhance the principal benefits of operational agility and security. A DCS approach facilitates at its core, the labelling of our data with trusted metadata, access management, automation for sharing information cross-domain and, latterly, cryptographic object level protection to deliver enhanced post-release control and data leak protection. These benefits will be felt both in the office environment and during Alliance operations.   The panel will discuss the DCS Vision and Strategy, and feasibility, risks and benefits of DCS for implementation in the NATO Enterprise and the Alliance Federation and how this evolution may be achieved.

Tracks:

Sponsored by:

Approved for 2 CompTIA CEUs: A+, Network+, Security+, Cloud+, CySA+, CASP+, PenTest+; 2 CertNexus CFR CECs and 2 GIAC CPEs