https://community.isc2.org/t5/Privacy/Data-Breach-Terrorist-watch-list/m-p/47007#M1355 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/311867713">@denbesten</a>&nbsp;&nbsp; Yes, that was an expensive human mistake once again.&nbsp; Why are they not using Homomorphic encryption, so if such mistakes occur, only authorised people can access it?&nbsp;</P><P>&nbsp;</P><P><SPAN class="ILfuVd"><SPAN class="hgKElc">Homomorphic Encryption (HE) refers to <STRONG>a special type of encryption technique that allows for computations to be done on encrypted data</STRONG>, without requiring access to a secret (decryption) key. The results of the computations are encrypted, and can be revealed only by the owner of the secret key.</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class="ILfuVd"><A href="https://www.forbes.com/sites/bernardmarr/2019/11/15/what-is-homomorphic-encryption-and-why-is-it-so-transformative/?sh=43a2c7f17e93" target="_blank">https://www.forbes.com/sites/bernardmarr/2019/11/15/what-is-homomorphic-encryption-and-why-is-it-so-transformative/?sh=43a2c7f17e93</A></SPAN></P><P>&nbsp;</P><P><SPAN class="ILfuVd">Regards</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>Caute-Cautim</P> Wed, 18 Aug 2021 21:03:22 GMT Caute_cautim 2021-08-18T21:03:22Z https://community.isc2.org/t5/Privacy/Data-Breach-Terrorist-watch-list/m-p/46968#M1354 <P>Apparently, the United States' classified "no-fly list" was <A href="https://www.bleepingcomputer.com/news/security/secret-terrorist-watchlist-with-2-million-records-exposed-online/" target="_blank" rel="noopener">inadvertently disclosed</A>&nbsp;via a publicly-accessible server.&nbsp;</P><P>&nbsp;</P><P>Per the article, DHS (Department of Homeland Security) took three weeks post-disclosure to remove Internet access to the server.&nbsp;&nbsp;</P> Tue, 17 Aug 2021 16:33:02 GMT https://community.isc2.org/t5/Privacy/Data-Breach-Terrorist-watch-list/m-p/46968#M1354 denbesten 2021-08-17T16:33:02Z https://community.isc2.org/t5/Privacy/Data-Breach-Terrorist-watch-list/m-p/47007#M1355 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/311867713">@denbesten</a>&nbsp;&nbsp; Yes, that was an expensive human mistake once again.&nbsp; Why are they not using Homomorphic encryption, so if such mistakes occur, only authorised people can access it?&nbsp;</P><P>&nbsp;</P><P><SPAN class="ILfuVd"><SPAN class="hgKElc">Homomorphic Encryption (HE) refers to <STRONG>a special type of encryption technique that allows for computations to be done on encrypted data</STRONG>, without requiring access to a secret (decryption) key. The results of the computations are encrypted, and can be revealed only by the owner of the secret key.</SPAN></SPAN></P><P>&nbsp;</P><P><SPAN class="ILfuVd"><A href="https://www.forbes.com/sites/bernardmarr/2019/11/15/what-is-homomorphic-encryption-and-why-is-it-so-transformative/?sh=43a2c7f17e93" target="_blank">https://www.forbes.com/sites/bernardmarr/2019/11/15/what-is-homomorphic-encryption-and-why-is-it-so-transformative/?sh=43a2c7f17e93</A></SPAN></P><P>&nbsp;</P><P><SPAN class="ILfuVd">Regards</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>Caute-Cautim</P> Wed, 18 Aug 2021 21:03:22 GMT https://community.isc2.org/t5/Privacy/Data-Breach-Terrorist-watch-list/m-p/47007#M1355 Caute_cautim 2021-08-18T21:03:22Z