Ulf Mattson

Enterprise Data Protection – Understanding Your Options and Strategies 

Ulf Mattson, Chief Technology Officer
Protegrity Corporation

Presentation Abstract:
The session will review the different options for data protection strategies for PCI DSS and other regulations. We will present case studies on data protection in an enterprise environment. We will position different solutions that can protect the enterprise data against advanced attacks from internal and external sources. We will show how to provide a balanced mix of different approaches to protect sensitive information like credit cards across different systems in the enterprise, including tokenization, encryption and hashing. We will show how to balance performance and security, in real-world scenarios, and recommend when to use encryption at the database level, application level and file level. This session will also present methods to protect the entire data flow across systems in an enterprise while minimizing the need for cryptographic services.

1. Review of case studies on enterprise data protection
2. How to prevent internal and external threats
3. Review solutions for enterprise data encryption and key management
4. How to prevent data misuse and advanced attacks on data
5. How to protect the entire enterprise data flow
6. How to develop a database encryption strategy balancing security, performance and other aspects
7. Review and position different solution alternatives.

Bio:
Ulf T. Mattsson, Chief Technology Officer, Protegrity Corporation, created the initial architecture of Protegrity’s database security technology, for which the company owns several key patents. His extensive IT and security industry experience includes 20 years with IBM as a manager of software development and a consulting resource to IBM's Research and Development organization. He specializes in the areas of IT Architecture and IT Security. Ulf is the inventor of a number of European patents and the following issued US Patents 7,325,129, 6,963,980, 6,321,201, 7,305,707, 7,120,933 and the following published pending US Patents 20060179296, 20070079119, 20070180240, 20080022136, 20020174352, 20080082837, 20080082834, 12/076,970, 20070174271, 20070101425, 20030101355, 20070067637, 20060259950, 20070083928 in the areas of Encryption Key Management, Separation of Duties, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control, Dynamic Access Control, Intrusion Prevention and Cross System Layer Security. He holds a master's degree in physics, a degree in finance and a degree in electrical engineering.

Ulf is an IBM Certified IT Architect and a research member of the International Federation for Information Processing (IFIP) WG 11.3 Data and Application Security. He is also a member of the following: Computer Security Institute (CSI), Object Management Group (OMG) CORBA Security Service, Open Web Application Security Project (OWASP), Information Systems Security Association (ISSA), Information Systems Audit and Control Association (ISACA), The International Association of Science and Technology for Development (IAST), The Medical Records Institute (MRI), and The World Scientific and Engineering Academy and Society for Computer Security (WSEAS). He is also a prolific author of data security white papers based on his many years of research and development and his in-depth professional articles and papers are included in leading magazines including: SC Magazine, COMPUTERWORLD, Data Center Management, zJournal, DB2 Magazine, IBM Database Magazine, Database and Network Journal, Network, Security, Software World, OSNews, Linux Security and Network Computing. He has contributed to several Data Mining books, published by WIT Press.

He is a panel expert of PCI-Knowledge-Base and ‘ITSECURITY Experts’ and a frequent speaker at global conferences and user groups. Topics addressed include technology, databases, security and audit and he has presented at various conferences in New York, San Francisco, Los Angeles, Chicago, Boston, Miami, London, Stockholm, Copenhagen, Berlin and Tokyo and many oth.