1、#SECTORCA BlackHatEventsIs Your Data Canadian Yet?And Other Existential Cloud Sovereignty Questions#SECTORCA BlackHatEventsQuick IntroductionsJames ArlenKevin FoxJames Arlen is Aiven.ios CISO bringing a mix of security and engineering background to DBaaS(database as a service).Over the past twenty p
2、lus years,James has been delivering information security solutions to Fortune 500,TSE 100,and major public-sector organizations.James is best described as:“Infosec geek,hacker,social activist,author,speaker,and parent.”His areas of interest include organizational change,social engineering,blinky lig
3、hts and shiny things.Kevin Fox is a seasoned cybersecurity professional with over twenty years of experience spanning cloud infrastructure,automation,development,security,organizational governance and risk.As Aivens Customer Cybersecurity Advocate,he helps organizations navigate evolving security ch
4、allenges while aligning technical realities with business goals.Kevin brings a unique blend of hands-on expertise and strategic insight,bridging the gaps between leadership objectives,security priorities,and compliance demands.(who even are these guys?)#SECTORCA BlackHatEventsDefinitionsData Residen
5、cyData SovereigntyWhere the data is physically located.Data is subject to the laws and regulations of its origin.(because,what is a presentation without definitions)#SECTORCA BlackHatEventsDefinitionsData ResidencyData Sovereignty(strictly speaking not a definition,but here we are)#SECTORCA BlackHat
6、EventsSpectrum of Sovereignty-StrictExtremely strict localization laws-data must reside within countryGovernment have broad authority to access dataCross-border restrictions-state approval or whitelisted destinations and/or security reviewsData is viewed similar to other natural resources(and protec