Copy of Copy of Untitled.png
iown-in-light

Cyber Event Self-Reporting (CESR) Collab

The Cyber Event Self-Reporting (CESR) Collab is an iOWN community project that has been created by our members in order to test the impact of highly-granular data ownership controls on the self-reporting and sharing of data incident and data breach information.

PROJECT BACKGROUND

As the social and economic impact of data over-exposure become more fully understood, there is an increasing recognition that more effective self-reporting and collaboration on incident data is required in order to mitigate the negative consequences for citizens and organizations.

However,  there are currently few public systems that enable organizations to quickly capture and securely collaborate on their cyber incident data.

Survey: Nearly 3 in 4 Organizations Suffered Data Breaches Due to Phishing

Biden signs an executive order aimed at protecting critical American infrastructure from cyberattacks.

US Senate mulling bill on data breach notifications

New Connecticut breach notification requirements and cybersecurity safe harbor effective October 2021

PROJECT GOALS

The goal of this research project is to design a Cyber Event Self-Reporting System (CESR) prototype that simplifies data management, protects anonymity, and offers granular access controls all within a Zero-Copy Integration data management environment.

The prototype will be shared with a test group of cyber reporting stakeholders to determine its potential to support more frequent reporting, faster reporting times, and increased collaboration with data.

  • Simplified data entry / data automation

  • User credential verification

  • Granular and universal access controls

  • Anonymity (organizational)

  • Zero-Copy Integration for building new solutions:

    • Internal use cases

    • Cross-organizational use cases (preserving anonymity)

  • Data deletion/the right to be forgotten

  • Precision auditability of data usage reporting

PROJECT OBSERVERS

The CESR project team invites input and advice from cyber security, consumer protection, and trade organizations. 

SAMPLE SOLUTIONS

The project will identify the types of systems and actionable intelligence that would result from collaboration on anonymized incident data.

Alert Systems
Pattern Analysis
Consumer Apps
desktop.png
data browser_2x.png
apps.png
chatbot.png

UNIVERSAL ACCESS CONTROLS

The CESR Collab will test the impact of owner-defined, universally-enforced data access controls.
VIEW, ADD, EDIT
CUSTODIANSHIP
Data owners are able to control which internal users and groups can view, add, or edit their data at the level of table, row, column, or even down to the individual cell of a given record.
QUERY
Data owners can grant/revoke query access to their de-identified data to enable 3rd parties for build new solutions. No copies of data are generated in this process and all access controls are retained.
Data owners can assign temporary "control of the controls" to internal users or groups in order to assist in data incident reporting and data collaboration. This custodianship can be revoked at any time.
DELETION
A benefit of the 'Zero-Copy Integration' environment is that data owners are able to fulsomely delete their information at any time, giving them a true right to be forgotten with no copies left unaacounted.

PROJECT METHODOLOGY

  1. Formulate question 
  2. Conduct research
  3. Formulate hypothesis
  4. Make prediction
  5. Design experiment
  6. Evaluate results
  7. Report results

GET INVOLVED

The iOWN Initiative is free to join and we welcome data privacy, data protection, data law, data compliance, UX, IT, and PET professionals to join us in support of meaningful data ownership and inclusive data collaboration.