An increasing number of regulations in different countries and regions require data to be processed locally for privacy and national security reasons. But these regulations have potential negative impacts on cybersecurity, such as limiting the sharing of information useful for threat hunting and penetration testing. For example, Europe’s General Data Protection Regulation considers IP addresses – a common indicator of compromise – as personal data. Since 2021, Professor Peter Swire of Georgia Tech’s College of Computing has led a team that has published two papers (linked below) studying the effects of data localization on the provision of cybersecurity services. In this Studio 471, Swire discusses the regulatory environment, how it could impact the use of cyber threat intelligence and what could be done to ensure attackers don’t leverage these changes to their advantage.
Participants:
Peter Swire, Professor, Georgia Tech College of Computing
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
Published papers:
The Effects of Data Localization on Cybersecurity - Organizational Effects
Risks to cybersecurity from data localization, organized by techniques, tactics and procedures
