Data Security and Privacy Lifecycle Management

Logo
Presented by

Arpitha Kaushik (Senior Manager Technical Risk, Marvell Technology Inc.) and Yazad Khandhadia (Head of Architecture, Emirates NBD)

About this talk

In this presentation we explore the Data Security and Privacy Lifecycle Management (DSP) domain, which includes nineteen control specifications focused on privacy and data security. These controls are globally applicable and not tied to any specific industry, country, or regulation, though they reflect common elements from major privacy regulations. Serving as a valuable baseline, these controls may require organizations in specific regions or sectors to implement additional data protection measures. The DSP domain covers the entire data lifecycle, from creation to disposal, addressing critical aspects like data privacy, classification, retention, and disposal according to applicable laws, regulations, and risk levels. These controls assist both Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) in safeguarding data and ensuring compliance with relevant data protection laws. In the Shared Security Responsibility Model (SSRM), CSPs are responsible for securing the cloud infrastructure and providing capabilities for secure data storage, access, and disposal. CSCs, in turn, are responsible for securing the data they store or process within the cloud, classifying it, leveraging CSP-provided tools like encryption, and ensuring compliance with data privacy regulations.
Related topics:

More from this channel

Upcoming talks (7)
On-demand talks (945)
Subscribers (71356)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa