- Reboot Communications...Not just more security, adaptive security… •Security that can dynamically adapt to shifting context and risk… •Driven

<Insert Picture Here>

The Data Opportunity: Using data for economic and social benefit – reaping the benefits while addressing the challenges.

Joseph Alhadeff/Vice President Global Public Policy, Chief Privacy Strategist Victoria Privacy and Security Conference 2016

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 2

Are You Capitalizing on the Data Opportunity?

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

(Don’t just assemble information, take advantage of it) 3


“People think we got big by putting stores in small towns. Really we got big by replacing inventory with Information”. Sam Walton

http://www.slideshare.net/monicamishra10/walmart-value-chainanalysis

Data-Driven Innovation

4


Creating Unique Data-Driven Value In A Unique Way

Datafy More Activities

Create Proprietary Data Assets

Use Data To Make Data

Achieve Network Effects


Data Liquidity

DATA CAPITAL

CHANGE THE BUSINESS RUN THE BUSINESS


Enterprise Big Data Architecture

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |

BIG DATA MANAGEMENT

BIG DATA ANALYTICS

BIG DATA APPLICATIONS

BIG DATA INTEGRATION

DATA CAPITAL

Connect And Govern Any Data

Simplify Access To All Data

Discover And Predict, Fast

Accelerate Data-Driven Action


What is the value of data in context and application

Do you base your trust just on the sign?


Infrastructure

Platform

Software

Data Lake

Hyper-Converged Compute, Storage, Network

On Premises Cloud

Public Cloud

Data Warehouse

Data Factory

Data Lab

Algorithms Analytics Applications

Hybrid Cloud

9


How to use data to drive organizational change

Understand the objective, it’s benefits and risks…


Your operational challenges

Deliver new and better

services

Improve staff

development and morale

Cut service costs and

optimise budgets

Comply with

E-Gover nment policy

11


Addressing those challenges

Flexible processes to deliver new services

quickly

Improve operational insight to drive

good governance Empower staff to improve efficiency

and morale

Streamline processes to reduce

service cost

12


Challenges

13

Integration and support Time to value

Future scale in question

Loss of business opportunity Poor UX across channels

Static security model

Fragmented Solutions

Poor Digital Experience

TCO = Value

Onerous security implementation Lack of integrated

and closed loop processes Lack of accountability

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Solutions and Connecting the Customer Experience

14

Engage candidates for future needs to best serve customers

Knowledge management Cross-channel contact Field service

Data management Cross-channel Individual campaigns Content

Sales automation Territory and quota Partner management

Storefront Experience Merchandising

Configure Price Quote

One integrated platform

Modern HR Service

Sales

CPQ

Commerce

Marketing

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Providing the Platform of Change

15

INTEGRATION

ANALYTICS

DATA

MANAGMENT

MOBILE COLLABORATION

CUSTOM APP

SECURITY


Example of Integrated Process

Airplane detects A/C malfunction: Determines 45- minute delay to fix

Pilot/airline approves

Passengers notified to arrive 45 minutes later

Repairs scheduled when plane lands on tarmac

Airlines alerts all technicians to check A/C units for similar planes


Data drives Smart Cities…


Solution for Cities That Want to Become Smart

• Integrated multi-channel services (self-service web/chat, email, local single number) delivery platform for 90%+ resolution of most government service requests

• Analytics for continuous improvement of service delivery, which services to prioritize, extend, consolidate or even discontinue

• Modernize IT infrastructure to enable integration and interoperability with the city’s existing siloed legacy IT infrastructure to enhance service delivery capability

ENGINE

COCKPIT

Fuselage

18


Where do you need to improve?

• Meet key objectives and targets

• Measure performance against objectives and targets

• Enable citizens to help themselves

• Deliver seamless service across channels

• Remove service bottlenecks

• Understand and control the cost of service delivery

• Better access to information for staff and citizens

• Motivate staff to improve service levels and morale

19


Information Age Applications for Smart Cities

Financial Administration

Human Resources

Analytics

6

7

8

Governance, Risk & Compliance

9

IT Shared Services 10

External Groups 1

Single Point Of Access 2

City Operations 3

City Infrastructure 4

City Administration 5

0

Constituents


Nervous System

• Smart Cities are more than arrays of linked sensors; they are like an organism's nervous system – an ecosystem that collects information across a variety of sources and processes it for multiple uses including making inferences from information and developing derivative as well as new information from those sources.

21


• Data is the connective tissue for reliable, timely, and integrated Intelligence

• Data has inherent value and when combined with other data

• New intelligence is the result of combining and linking this data together

• Must meet the demand of the data growth, analysis and actionable results

• Need to empower analysts, developers and data scientist to explore, test and evaluate with ease and speed

• Must address the complex legal, commercial, and privacy rights issues governing data usage

Governments and the Private Sector use data to drive their missions and need to overcome many of the same challenges

Data Driven Intelligence

22


The Security and Privacy Paradigm

Privacy and security are closely related and context dependent. Security is closer to an absolute with variance in risk tolerance where privacy is more subjective in personal definition and application. Both concepts are screaming stop and walk away…


Not just more security, adaptive security…

•Security that can dynamically adapt to shifting context and risk… •Driven from the data layer and leveraged across the stack •While relying on integrated identity management •Supported by access controls, audit and real time notification


Risk-Aware Security

• Username and password are correct but is this really Mary?

• Is Mary doing anything suspicious?

• Can Mary answer a challenge if the risk is high enough?

Fraud Prevention Secure Login

Challenge

or Block

Model Risk

Evaluate

transactions

Analysis and

Forensics

Detect Anomalies


Real-Time Identity Theft + Fraud Prevention

Where a User Is (Geo-Location)

What a User Does

(Behavior Pattern + Profiling)

What A User Has

(Device Fingerprinting)

What A User Knows (Pin, Password,

Challenge Questions)

Users

Merchants

Admins

Custom Applications

Portals

Business Applications

User

Location Device

Adaptive Access Control

26


Real-Time Identity Theft + Fraud Prevention

Computed Risk Score

Users

Merchants

Admins Custom Applications

Portals

Business Applications

Allow

Block

Challenge

Alert

27


Oracle Identity Management

28

Secure Hybrid Identity Solution

Leverage security investment

Manage cloud/enterprise access Address regulatory compliance

Securing Digital Transformation

Enable digital business

Multi-channel user experience Contextual risk-aware security

Open, Scalable and Agile

Rapid time-to-value

Cloud architecture scale Standards and APIs


IDENTITY

MANAGEMENT

EVOLUTION

DIRECTORY: Consolidating Authoritative Sources

ACCESS: Attribute Based Access Control and UAAS Federation

GOVERNANCE: Enforcing Least Privilege and Addressing the Insider Threat

Enterprise Cloud Mobile


Current Community Challenges

Authorization Beyond Identities & Roles

Address the Insider Threat

Extend Security Infrastructure to Remote Sites

Ensure Alignment with Community Cloud


How Can These Challenges Be Addressed?

Fine Grained Access with ABAC

Profile and Behavior-based Access

Leverage UAAS Federation and Attribute Sharing

Employ Industry Vetted Security Standards and APIs


*7#$%!!@!%afb

##<>*$#@34

Data Encryption

Key Vault

Key Vault

Data Redaction dob:xx/xx/xxxx

ssn:xxx-xx-4321

Applications

Users

CX App

DB Controls

Access denied

Date of Birth

SSN Privileged Users Privileged

User

32

Protect Databases from Attacks

Region, Year

Size-based

Data Subsetting

Dev/Test Partners, BI

dob: 12/01/1987

Data Masking

11/05/1999

xxxxxxxxxx


Audit Data

Audit Data, Event Logs

33

Audit, Monitor, and Detect

Database Firewall

! ✔ Users

SYBASE

Policies

Reports

Alerts !

Network Events

Applications

Audit Vault


SECURITY INSIDE OUT Security close to the data eliminates guesswork, maximizes performance with application transparency

ENTERPRISE SCALE DEPLOYMENTS Across multiple systems: operating systems, heterogeneous databases, applications, …

Security From The Ground Up

DEFENSE IN DEPTH Layered overlapping controls with encryption, masking, auditing, monitoring, access control, redaction, …

CONTINUOUS INNOVATIONS Transparent Data Encryption, DBA Control, Redaction, Privilege Analysis, DB Firewall, RAS, Cloud, …


Defense-in-Depth for Maximum Security

Activity Monitoring

Database Firewall

Auditing and Reporting

DETECTIVE

Redaction and Masking

Privileged User Controls

Encryption

PREVENTIVE ADMINISTRATIVE

Sensitive Data Discovery

Configuration Management

Privilege Analysis


Risks for Databases in Cloud Risk Mitigation

Sensitive data exposure on test/dev/partner Mask and subset before moving to cloud

Loss of clear-text data Encrypt data by default

Block access to encryption keys Control keys with on-premise Key Vault

Block access by the cloud DBAs Restrict DBA access with Database Vault

Monitor Database activity Audit and monitor with on-premise Audit Vault and Database Firewall

36

Address Cloud Database Security Challenges

Maintain Control and Visibility

* Work in Progress


First, know your own system… some highlights… • Identify business goals and objectives

• Understand and optimize processes and workflows for the applicable operational and technological environment

• Generally understand the nature of the data and the resulting risk both to the enterprise and the end user/data subject of a compromise of the data

• Associate roles and privileges to those persons who will access data and assure that they are trained and accurately maintain roles and privileges as they change and apply appropriate separation of duties…

• Identify risks/threats, determine acceptable risk and mitigate risk to acceptable levels

• Security lifecycle management, training, incidence response, business continuity…

37

Documents

- Reboot Communications...Not just more security, adaptive security… •Security that can dynamically adapt to shifting context and risk… •Driven