Happy Saturday, dear readers.
Earlier this year I noted that Europe’s General Data Protection Regulation, or GDPR, would be a big topic of conversation at this year’s RSA Conference, the biggest hobnobbing affair in the cybersecurity industry. I could not have foreseen how scandal after data privacy scandal at Facebook would intensify the discussion.
At this year’s ever entertaining “innovation sandbox contest,” a startup competition and hallmark of the conference, a little-known, New York City-based concern called BigID capitalized on the zeitgeist. The company, which had just eight employees as recently as December (mostly engineers in Israel), pitched itself differently than the typical cybersecurity marketing spiel. There was nary a mention of “detection,” “defense,” or “artificial intelligence.”
“I’m with BigID and our big idea is that privacy matters,” said Dimitri Sirota, CEO and cofounder of the firm, taking the stage. He explained that his company’s technology indexes business’s private data, maps out the inter-relationships between databases, and helps identify what companies need to do to comply with data regulations in different parts of the world.
“Ours was understandable,” Sirota told me later on a call. “You didn’t have to have a PhD in computer science to get what we did. It was accessible to the audience and judges.”
Sirota’s clarity of thinking was apparent to me years ago, back when he was heading up the security business at CA Technologies. In 2014, he livened up a panel I moderated at an enterprise security summit. A couple years later, Sirota strolled into Fortune’s offices clad in a black leather jacket and told me his plan to build a business around data privacy and compliance. Looks like he had the right idea at exactly the right time.
“Big data is almost like this atomic collider—smash all this data together to get value from it,” as Sirota put it on our recent call. “No one has been thinking of stewardship or custody or management of that information.”
Now everyone is thinking about it. With British officials raiding the offices of embattled political consultancy Cambridge Analytica, Mark Zuckerberg bending the knee before congress, and GDPR set to go into effect next month, no story holds greater sway in techland. It’s no surprise BigID took home the crown.
Dream big and have a great weekend.
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’sdaily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
Name and shame. The U.S., UK, and Australia on Monday accused Russia of subverting routers inside government agencies, critical infrastructure and internet service providers, and small offices. Moscow is said to have embarked on the alleged mass cyber espionage campaign starting in 2015. This is the second time this year that the U.S. and UK have called out the Kremlin’s hacking, last fingering the nation in February for its supposed role in last year’s destructive “NotPetya” cyberattacks.
From chumps to champs. North Korea was once an amateur-level cyber threat. Along with the rise of its nuclear and missile programs, the Hermit Kingdom’s hacking prowess has improved by leaps and bounds in recent years. The Wall Street Journal tracks the nation’s dawning supremacy on the global stage in this excellent investigation that includes interviews with defectors.
No keys, no entry. Russia on Monday banned Telegram after the chat app maker refused to hand over the encryption keys that secure its users’ communications. (Telegram says the company doesn’t have access—and doesn’t plan to gain access—to them either.) I discussed the debacle with Fortune’s Anne VanderMey on this week’s episode of Fortune Tech Debate.
Eek, leaks. TaskRabbit, an oddjob app, advised customers to change their passwords after it disclosed Tuesday that it was investigating a “cybersecurity incident.” Localblox, a small data firm based in Bellevue, Wash., reportedly failed to secure a database of information on 48 million people that it scraped from Facebook, LinkedIn and other online profiles. And bank-holding company SunTrust said Friday that a former employee may have tried to steal and share personal information for about 1.5 million customers.
This brings whole new meaning to the term “phishing.”
Share today’s Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
I’ve been to the mountaintop. The hacking of Mt. Gox, once the world’s biggest Bitcoin exchange, may seem like an old story—it’s anything but. Normally, when a company goes through a bankruptcy, it’s a fairly well-worn process. In the case of Mt. Gox, there’s a major wrinkle: the astounding appreciation of its leftover cryptocurrency assets. As Fortune’s Jen Wieczner investigates in the following caper, lingering questions about what will happen to the jackpot the exchange stumbled upon.
How Blockchain Could Put an End to Identity Theft, by Frederic Kerrest
James Comey on Apple and Google’s Data Encryption: ‘They Drove Me Crazy’, by Don Reisinger
Cybersecurity VC Firm Poaches First Female Partner from Comcast, by Robert Hackett
This Career U.S. Marine Is One of the World’s Greatest Leaders, by Matthew Heimer
Microsoft Aims to Make Google Chrome Safer With New Extension, by Don Reisinger
ONE MORE THING
Imposter syndrome. The advent of “deepfake” technology, which lets video editors map anyone’s face onto any other person’s body, has chilling repercussions. In the not-so-distant future, miscreants will abuse this steroidal form of photo-shopping for political ends, tricking people into forming false memories. This Vox feature digs into a coming, turbocharged phase of fake news, which The Atlantic’s Franklin Foer warns will bring on “the collapse of reality.”