Story image

CA Technologies joins EU 'privacy by design' research project

06 Aug 2018

CA Technologies is one of eight technology partners that will shape a European research project designed to facilitate software privacy by design.

The Privacy and Data Protection for Engineers (PDP4E) project aims to help software engineers to incorporate privacy design into all of their applications.

This approach will also help those who use the applications to comply with the European Union’s General Data Protection Regulation (GDPR), and international standards related to privacy.

CA Technologies joins partners from countries including Belgium, France, Germany, and Spain. The project is funded by the European Union H2020 Research and Innovation Program.

CA Technologies’ EVP & CTO Otto Berkes says that privacy protection can only be effective when it is proactively addressed throughout the entire software development lifecycle – or in other words, privacy by design.

“Regulation often only provides abstract guidance which means software engineers struggle with translating its goals into development specifics, while data privacy specialists lack the mechanisms to implement and validate compliance,” he adds.

CA Technologies will be looking at the market requirements for privacy by design in the context of GDPR. The company will also ensure that resulting tools and methodologies are aligned to what the market needs.

The company will also develop a risk management tool to identify, assess, and mitigate both data protection and privacy risks.

“CA Technologies is proud to be partnering on this European research that will help drive stronger integration of privacy by design during product development,” comments CA Technologies vice president of Strategic Research, Victor Muntés.

“With the advent of GDPR, organisations will have to prove they are protecting data in the best possible way. As the pace of software development accelerates, the PDP4E research will help innovate new ways for privacy by design to be built into the development of new applications and help to comply with the GDPR and other global requirements.”

The PDP4E research results will be tested across two pilot programs: a fintech application domain, and a smart grid energy application domain. These two domains were chosen because they are relevant to privacy by design.

The results will subsequently be promoted among engineering groups, such as Eclipse (a community of software developers) or IPEN (a community of privacy engineering stakeholders).

An open Alliance for Privacy and Data Protection Engineering is also planned as a follow-up to the project, building on that community and the synergies among the participating partners.

Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.