Ulf Mattsson
Works at Protegrity
Attended Chalmers University of Technology
Lives in Connecticut, USA
91 followers|5,221 views
Ulf Mattsson

I think that we should expect that advanced intruders take control "of almost every server and workstation within the company."
Aberdeen Group reported in a very interesting study with the title “Tokenization Gets Traction” that tokenization users had 50% fewer security-related incidents than non-users and 47% of respondents are using tokenization for something other than cardholder data.
Aberdeen also has seen a steady increase in enterprise use of tokenization as an alternative to encryption for protecting sensitive data.
It is an effective approach for most sensitive data fields.
You don't have to be the size of Sony -- or even mock North Korea -- to be a target.

Ulf Mattsson

I agree that "companies' effectiveness in combating information security threats is sliding, the copious security data collected by them is overwhelming and thus ineffective." 
 
Less than 14% of breaches are detected by internal security tools according to the annual international breach investigations report from Verizon. Detection by external third party entities unfortunately increased from approximately 10% to 25% during the last three years. Unfortunately, current security approaches can't tell you what normal looks like in your own systems. So we need to protect our sensitive data itself.
 
I found great advice in a Gartner report, covering enterprise and cloud, that analyzed solutions for Data Protection and Data Access Governance; the title of the report is "Market Guide for Data-Centric Audit and Protection." I recently read another interesting Gartner report, "Big Data Needs a Data-Centric Security Focus," concluding, "In order to avoid security chaos, Chief Information Security Officers (CISOs) need to approach big data through a data-centric approach."
 
Gartner is proposing data tokenization as an effective approach to securing sensitive data.
 
I suggest that we should secure sensitive data across the entire data flow, including cloud, big data and enterprise systems. This approach can be very effective in addressing attacks against data, also from insider threats.
 
Ulf Mattsson, CTO Protegrity

Ulf Mattsson

I agree that it is important for “vendors to be more transparent about the controls they use to protect customer data in the cloud,” since you are still liable for your data even if the operation is outsourced to the cloud provider.

I found some good news in a report about cloud security from Gartner. The report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in SaaS applications”.

This approach can provide better control and security of your most sensitive data and compliance with stringent regulations.

Ulf Mattsson, CTO Protegrity
Enterprises are getting over long-held reservations about cloud security, but they also want vendors to be more transparent about the controls they use to protect customer data in the cloud.

Ulf Mattsson

I agree that "With the development of hybrid cloud, businesses are now able to move a considerable amount of their infrastructure to the cloud whilst still remaining in control of their most sensitive data."

I found some good news in a report about cloud security from Gartner. The report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in SaaS applications”.

This approach can provide some additional flexibility in addressing attacks against data in cloud environments and compliance with stringent regulations.

Ulf Mattsson, CTO Protegrity
Hybrid cloud has allowed businesses to reap the benefits of low-cost public cloud offerings whilst keeping control of their most prized and sensitive data.

Ulf Mattsson

I agree that "Strategy must come before tools," and "to move to a risk-based model." I think that Data Centric Security is an interesting approach.

Ulf Mattsson, CTO Protegrity
There’s no silver bullet, so load up with as many of these as you can.

Ulf Mattsson

I’m very concerned that “where Chip and PIN has been used for many years, ID theft has spiked over 3,500 percent.”
Since “criminals had adapted their attacks” I would recommend a wider use of the promising data tokenization technology that is effective in securing the flow of all sensitive data. This type of technology can also be used to mitigate the risks associated with other sensitive information, including personal information.
We also know that EMV Chip and PIN cards do not protect against malware attacks like those we have been reading about in the news. Nor do they prevent card-not-present attacks or protect against attacks beyond payment data, as seen in recent breaches.
Over the last few decades we’ve increasingly shifted from a cash and check based economy to a swipe based one as the adoption of credit and debit cards has soared. The downside of that shift, however, is the rise in payment fraud, which jumped nearly one-third in 2013, with 43% [...]

Ulf Mattsson

I agree that "Multiple data sources and systems also create additional complexity and heighten security concern," and that all this information instead can become a “business burden." I can understand complaints about “siloed data repositories, poor data consistency, incompatible data types and long project lead times."

I found great advice in a Gartner report, covering enterprise and cloud, that analyzed solutions for Data Protection and Data Access Governance; the title of the report is "Market Guide for Data-Centric Audit and Protection."

The report concluded that "Organizations that have not developed data-centric security policies to coordinate management processes and security controls across data silos need to act."

I think that the sensitive data itself needs to be selectively protected across all data silos.

Ulf Mattsson, CTO Protegrity
Turning connected consumers into allies Chief Marketing Officers (CMOs) are operating in a period where expectations among connected and mobile customers have never been higher. Customers and prospects expect to engage on their terms and they insist on consistency across multiple points of contact and channels for a seamless delivery of service. Get it wrong and they are unlikely to stick around. For many CMOs this is a make or break opportunity.

Ulf Mattsson

I agree that “hybrid cloud has allowed businesses to reap the benefits of lower cost public cloud offerings whilst keeping control of their most prized and sensitive data on-premise."

I found some good news in a report about cloud security from Gartner. The report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in SaaS applications”.

This approach can provide additional flexibility in controlling the security of your most sensitive data and compliance with stringent regulations.

Ulf Mattsson, CTO Protegrity
When cloud technology started to gain traction with businesses the main concerns expressed were over data security and control. Customers questioned what compromises they would have to make with their on-premise infrastructure to reap the benefits of cloud computing.

Ulf Mattsson

I agree that "In some industries, like health care, encrypting files before uploading them to the cloud is non-negotiable.”

I found some good news in a report about cloud security from Gartner. The report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in SaaS applications”.

This approach can provide great flexibility in addressing attacks against data in cloud environments and compliance with stringent regulations.

Ulf Mattsson, CTO Protegrity
After high-profile data breaches of Home Depot, JPMorgan Chase, Sony Pictures, and Anthem, businesses across every industry are investing heavily in data protection. In the retail industry alone, Forrester predicts a double-digit increase in security spending. Before you start throwing money at your cybersecurity worries, use common-sense precautions to protect your [...]

Ulf Mattsson

I agree that “the fact remains that once someone has this data there’s a chance – even if only a small one – that they’re going to lose it.” I’m concerned about the increasing threat of data breaches.
We already have an urgent issue to resolve since 90% of all our data was collected in the last 2 years and the rate of data collection continues to increase. EMC Corporation forecasts that the digital universe of Internet of Things has doubled every two years and may increase 10-fold between 2013 and 2020, from 4.4 trillion to 44 trillion gigabytes.
We also have an industry-wide shortage of skills in big data, cloud, IoT, mobile and data security. I think that we urgently need to use available technology to address these issues while working on longer term policies.
My view is that to reach the goal of securing the data while preserving its value for analytics, the data itself must be protected at as fine-grained a level as possible. Securing individual fields allows for the greatest flexibility in protecting sensitive identifying fields while allowing nonidentifying information to remain in the clear.
By protecting data at a very fine-grained level—fields or even part(s) of a field—we can continue to reap the benefits of data monetization while putting forth a significant barrier to data theft. I talk more about this issue here www.sramanamitra.com/2014/10/03/thought-leaders-in-big-data-ulf-mattsson-cto-of-protegrity-part-1/ .
Ulf Mattsson, CTO Protegrity
Regardless of where you are in the world, your government is considering how much of your data they can store and monitor. We've just passed our own rather controversial metadata laws down here in Australia and the same discussions are being had in governments across the globe, because creepy ...

Ulf Mattsson

I agree “while confidence in cloud security is growing, many cloud packages still fail to provide complete compliance certification.” If the data is very sensitive you may not even want encryption keys to be sent to the cloud.

A recent report from Gartner had some good news in this area and concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in cloud applications”. Cloud Encryption Gateways encrypt data before sending it into the cloud.

This approach can be very effective in addressing attacks against cloud data and compliance with regulations.

Ulf Mattsson, CTO Protegrity
It pays to future-proof cloud contracts, making sure the deal you sign today is aligned with evolving business needs. Here are five terms SaaS buyers should insist on when making new deals.

Ulf Mattsson

I like that “The Computing Cell is the only infrastructure service that encrypts entire workloads—all virtual machine or container instances and attached storage, including root volumes, data volumes and server-based instance storage—to enable enterprises to process and store sensitive data on the public cloud.” But if the data is very sensitive you may not even want the encryption keys to be sent to the cloud when they are used for encryption and decryption of the storage volumes.
Education
  • Chalmers University of Technology
  • IBM Management School
  • Stockholm University
  • Polhem Institute of Technology
  • Kungsladugardsskolan
  • Skytteskolan
Basic Information
Gender
Male
Story
Introduction
I created vault-less data tokenization and the architecture of Protegrity's data centric security technology. Prior to joining Protegrity, I worked 20 years at IBM in software development and as a consulting resource to IBM's Research organization, specialized in the areas of IT Architecture and IT Security. I received my US Green Card of class 'EB 11 - Individual of Extraordinary Ability' after endorsement by IBM Research in 2004.
I am the inventor of more than 20 patents in the areas of Encryption Key Management, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention. One line of my research during the last 15 years is in the area of managing and enforcing policies (security, encryption, audit) for databases, including more than 10 joint projects with research and development teams at IBM, Microsoft, Hewlett-Packard, Oracle, Sybase, Informix, Teradata, and RSA.
I am a research member of the International Federation for Information Processing (IFIP) WG 11.3 Data and Application Security, ANSI X9 and IEEE. Leading journals and professional magazines, including IEEE Xplore and IBM Journals, have published more than 100 of my in-depth professional articles and papers.
I received Industry's 2008 Most Valuable Performers (MVP) award together with technology leaders from IBM, Cisco Systems, Ingres, Google and other leading companies. I have given a series of presentations at leading security and database conferences in the US, Europe and Asia, and frequent tutorials at the Information Systems Security Association (ISSA) and Information Systems Audit and Control Association (ISACA). I received a master's degree in physics in 1979 from Chalmers University of Technology in Sweden, and degrees in electrical engineering and finance.
Bragging rights
Invented vault-less data tokenization
Work
Occupation
Chief Technology Officer
Employment
  • Protegrity
    Chief Technology Officer, present
  • IBM
Places
Currently
Connecticut, USA
Previously
Sweden - Stockholm, Gothenburg