Controlling Privacy and the Use of Data Assets - Volume 2: What Is the New World Currency - Data or Trust?

The book will review how new and old privacy-preserving techniques can provide practical protection for data in transit, use, and rest. We will position techniques like Data Integrity and Ledger and will provide practical lessons in Data Integrity, Trust, and data's business utility.

Based on a good understanding of new and old technologies, emerging trends, and a broad experience from many projects in this domain, this book will provide a unique context about the WHY (requirements and drivers), WHAT (what to do), and HOW (how to implement), as well as reviewing the current state and major forces representing challenges or driving change, what you should be trying to achieve and how you can do it, including discussions of different options. We will also discuss WHERE (in systems) and WHEN (roadmap). Unlike other general or academic texts, this book is being written to offer practical general advice, outline actionable strategies, and include templates for immediate use. It contains diagrams needed to describe the topics and Use Cases and presents current real-world issues and technological mitigation strategies. The inclusion of the risks to both owners and custodians provides a strong case for why people should care.

This book reflects the perspective of a Chief Technology Officer (CTO) and Chief Security Strategist (CSS). The Author has worked in and with startups and some of the largest organizations in the world, and this book is intended for board members, senior decision-makers, and global government policy officials--CISOs, CSOs, CPOs, CTOs, auditors, consultants, investors, and other people interested in data privacy and security. The Author also embeds a business perspective, answering the question of why this an important topic for the board, audit committee, and senior management regarding achieving business objectives, strategies, and goals and applying the risk appetite and tolerance.

The focus is on Technical Visionary Leaders, including CTO, Chief Data Officer, Chief Privacy Officer, EVP/SVP/VP of Technology, Analytics, Data Architect, Chief Information Officer, EVP/SVP/VP of I.T., Chief Information Security Officer (CISO), Chief Risk Officer, Chief Compliance Officer, Chief Security Officer (CSO), EVP/SVP/VP of Security, Risk Compliance, and Governance. It can also be interesting reading for privacy regulators, especially those in developed nations with specialist privacy oversight agencies (government departments) across their jurisdictions (e.g., federal and state levels).

這本書將回顧新舊的隱私保護技術如何在數據在傳輸、使用和休息時提供實際的保護。我們將介紹數據完整性和分類帳等技術，並提供有關數據完整性、信任和數據商業效益的實用教訓。

基於對新舊技術、新興趨勢的深入了解以及在該領域的許多項目中的廣泛經驗，本書將提供關於為什麼（需求和驅動因素）、該做什麼以及如何實施的獨特背景，同時回顧目前的狀態和代表挑戰或推動變革的主要力量，以及您應該努力實現的目標和如何實現它，包括討論不同的選擇。我們還將討論系統中的位置和時間表。與其他一般或學術文本不同，本書的撰寫旨在提供實用的一般建議，概述可行的策略，並包含可立即使用的模板。它包含描述主題和使用案例所需的圖表，並呈現當前的現實問題和技術緩解策略。對所有者和保管人的風險的包含提供了為什麼人們應該關心的有力理由。

這本書反映了首席技術官（CTO）和首席安全策略師（CSS）的觀點。作者曾在初創企業和全球最大組織中工作，本書面向董事會成員、高級決策者和全球政府政策官員，包括CISO、CSO、CPO、CTO、審計師、顧問、投資者和其他對數據隱私和安全感興趣的人。作者還嵌入了商業觀點，回答了為什麼這是董事會、審計委員會和高級管理層關注的重要話題，以實現業務目標、策略和目標，並應用風險承受能力和容忍度。

重點是技術願景領導者，包括CTO、首席數據官、首席隱私官、技術、分析、數據架構師的EVP/SVP/VP、首席信息官、IT的EVP/SVP/VP、首席信息安全官（CISO）、首席風險官、首席合規官、首席安全官（CSO）、安全、風險合規和治理的EVP/SVP/VP。對於隱私監管機構，特別是那些在其司法管轄區內擁有專門隱私監督機構（政府部門）的發達國家，這也是一本有趣的閱讀材料（例如聯邦和州級）。

Ulf Mattsson is a recognized information security and data privacy expert with a strong track record of more than two decades implementing cost-effective data security and privacy controls for global Fortune 500 institutions, including Citigroup, Goldman Sachs, GE Capital, BNY Mellon, AIG, Visa USA, Mastercard Worldwide, American Express, The Coca Cola Company, Wal-Mart, BestBuy, KOHL's, Microsoft, IBM, Informix, Sybase, Teradata, and RSA Security. He is currently the Chief Security Strategist and earlier the Chief Technology Officer at Protegrity, a data security company he co-founded after working 20 years at IBM in software development. Ulf is an inventor of more than 70 issued U.S. patents in data privacy and security.

Ulf is active in the information security industry as a contributor to the development of data privacy and security standards in the Payment Card Industry Data Security Standard (PCI DSS) and American National Standards Institute (ANSI) X9 for the financial industry. He is on the advisory board of directors at PACE University, NY, in the area of cloud security and a frequent speaker at various international events and conferences, including the RSA Conference, and the author of more than 100 in-depth professional articles and papers on data privacy and security, including IBM Journals, IEEE Xplore, ISSA Journal and ISACA Journal.

Ulf holds a master's in physics in Engineering from Chalmers University of Technology in Sweden.

Ulf Mattsson是一位被公認的資訊安全和數據隱私專家，擁有超過二十年的豐富經驗，在全球財富500強企業中實施具有成本效益的數據安全和隱私控制措施，包括花旗集團、高盛、GE Capital、BNY Mellon、AIG、Visa USA、萬事達卡、美國運通、可口可樂公司、沃爾瑪、百思買、KOHL's、微軟、IBM、Informix、Sybase、Teradata和RSA Security等。他目前是Protegrity的首席安全策略師，此前在IBM工作了20年，並共同創辦了這家數據安全公司。Ulf是超過70項美國專利的發明人，專利涵蓋數據隱私和安全領域。

Ulf在信息安全行業中活躍，為付款卡行業數據安全標準（PCI DSS）和美國國家標準協會（ANSI）X9的發展做出了貢獻。他是紐約PACE大學的諮詢董事會成員，專注於雲安全領域，並經常在各種國際活動和會議上發表演講，包括RSA Conference，並撰寫了100多篇關於數據隱私和安全的深入專業文章和論文，包括IBM Journals、IEEE Xplore、ISSA Journal和ISACA Journal。

Ulf擁有瑞典查爾默斯理工大學的物理工程碩士學位。