On October 16th, 2024, Vaultree’s Co-Founder and COO, Tilo Weigandt, hosted a highly informative and engaging webinar that explored the present and future of encrypted data sharing. Joined by a panel of industry experts, the session explored the pressing challenges organisations face in securely sharing data and how innovative encryption technologies are paving the way for seamless, secure collaboration.

The panel included:

• David Currie: Former CISO of Nubank and Klarna, cybersecurity expert with extensive experience in financial services.
• Mary Gardner: CISO Veteran and cybersecurity leader with two decades of experience across healthcare and finance.
• J.R. Tietsort: Cybersecurity veteran and former security lead at Micron Technology and Darktrace.

The session tackled critical issues surrounding data sharing across highly regulated sectors, such as healthcare, finance, and legal. This blog recaps the webinar’s key takeaways and real-world applications of encrypted data sharing, showcasing how advanced solutions, such as Vaultree’s groundbreaking VEDS, can and are transforming secure collaboration and business operations.

‍

Those who missed the live session can access the on-demand version of the webinar here!

‍

Understanding the Current Challenges of Data Sharing

The discussion kicked off with an overview of the limitations in today’s data-sharing landscape. Organisations operating in highly regulated yet competitive sectors face strict compliance regulations, often relying on outdated methods such as tokenisation, data masking, and secure multiparty computation. While these solutions offer a certain degree of security, they fall short in terms of usability and efficiency, especially when data is actively being used or analysed, compromising business operations.

‍

As Tilo pointed out, “The trade-off between privacy and efficiency is a constant challenge for industries dealing with strict regulations like GDPR, HIPAA, or LGPD. Maintaining compliance while ensuring operational effectiveness remains a significant hurdle.”

‍

Real-World Examples of Data Sharing

Each panellist shared personal experiences and the limitations they’ve faced when addressing secure data sharing in their respective industries. David Currie, drawing from his extensive experience in the financial sector, spoke about the struggle to maintain data security across borders. “When I was at Visa, tokenisation was a great step forward, but it wasn’t enough. We could encrypt elements of the data, but there were still vulnerabilities. Now, it’s time for the next evolution.”

‍

Picking up where David left off, Mary Gardner, who has worked across healthcare and finance, highlighted the difficulty of securely sharing sensitive data, especially in healthcare research. She illustrated how encrypted data sharing could provide essential protections for sharing patient data without compromising privacy. “If I can protect that data no matter where it lives and only share the essential parts without exposing identifiable information, we can finally solve some of the most complex problems in healthcare research.”

‍

J.R. Tietsort rounded off the discussion with another perspective, one focusing on the balance between the security and enablement of data within an organisation for professionals such as data scientists. He mentioned, “In the world of intellectual property, sharing large datasets securely is crucial. Data scientists need access to extensive data to develop better models, but we need to ensure that we’re not compromising sensitive trade secrets.”

‍

Key Takeaway

The experts highlighted that while the challenges vary by industry, the core issue remains the same – organisations need a secure, scalable way to share and analyse sensitive data without compromising security or productivity.

‍

What is Encrypted Data Sharing?

After hearing from the experts about their experiences with current data-sharing methods, the limitations of these technologies and the effect such limitations have on business operations, the panel moved on to discuss the topic of the webinar, Encrypted Data Sharing.

‍

Encrypted data sharing is a response to these outlined challenges. Based on novel technologies like multi-key encryption and Fully Homomorphic Encryption (FHE), encrypted data sharing allows organisations to securely collaborate on data without exposing sensitive information. Data remains encrypted during active use, ensuring privacy and security at every step of the process. 

‍

On this revolutionary breakthrough, Tilo explained, “The ability to collaborate securely on encrypted data across borders, entities, or even within the same organisation is a game-changer. It simplifies compliance with data protection regulations and ensures security, even during real-time analysis.”

‍

Real-World Applications and Impact 

After outlining exactly what Encrypted Data Sharing is, alongside the myriad potential benefits of this technology compared to legacy methods, the experts moved on to discuss the real-world applications and implications of this technology within their sphere of expertise. 

‍

Healthcare

Mary Gardner, drawing on her 20 years of experience in cybersecurity for healthcare and finance, highlighted the massive potential encrypted data sharing offers in healthcare, especially for research and patient data collaboration. She stressed that protecting sensitive patient information is a top priority, especially in research environments where unstructured data from medical records is shared across institutions.

‍

For example, she described how encrypted data sharing could allow paediatric hospitals to collaborate on foundational research for oncology and vaccine development without exposing identifiable patient information. By encrypting patient records, institutions can contribute to a shared dataset while ensuring that sensitive details, such as age or geographical location, remain confidential. Gardner illustrated the importance of encrypting every element of data to avoid exposing identifiable information, such as "a 99-year-old man living in North Borneo," which, although anonymised, could still identify a patient.

‍

She concluded by stating, “The ability to share critical patient data without exposing identifiable information is paramount,” stressing how encrypted data sharing can significantly reduce barriers to research collaboration.

‍

Finance

David Currie brought his expertise from his time at global financial institutions like Barclays and New Bank to illustrate the immense value encrypted data sharing offers the financial sector. He discussed how, historically, banks have had to send large datasets—such as customer information—to third-party credit bureaus or regulators, often at the risk of data breaches. Even with advancements like tokenisation, key challenges remain in fully securing data, especially when transferring it across borders or between entities.

‍

Currie explained that encrypted data sharing eliminates the need to transfer plaintext data to external parties. He recounted a specific scenario from his time in Hong Kong, where a mercantile exchange was set up in China. Under China’s cybersecurity laws, transferring Chinese citizens' data outside of the country posed legal and personal risks, including the possibility of prison time for individuals responsible for breaches. Encrypted data sharing could have mitigated this by allowing him to comply with regulations while securely interrogating the data within China without actually moving it.

‍

Summarising, Currie said, “Wouldn’t it be great if we could allow third parties, like credit bureaus, to interrogate data without ever transferring it?” This sentiment captures the core advantage of encrypted data sharing: enabling secure collaboration while minimising data exposure.

‍

Technology and Intellectual Property

J.R. Tietsort, with his extensive cybersecurity experience across diverse organisations, emphasised the critical need to protect trade secrets in technology and manufacturing. Sharing data with suppliers or collaborators carries significant risks, as any breach could result in stolen intellectual property (IP) and financial losses.

‍

Encrypted data sharing, he noted, offers a secure way to share data without exposing proprietary information. It allows data scientists to access large datasets for model development without compromising security. For companies working on advanced technologies like AI and machine learning, encrypted data sharing enables efficient collaboration while safeguarding IP and supporting secure data monetisation.

‍

Other Sectors: Legal, Government and Beyond

The panel also touched on how encrypted data sharing can revolutionise industries such as legal services, government, and education. Legal professionals, for example, frequently need to share sensitive documents across jurisdictions, and encrypted data sharing ensures that only authorised parties have access to the content.

‍

Moreover, David Currie provided an example of mergers and acquisitions (M&A), where multiple parties require access to sensitive financial data. In these high-stakes environments, securely sharing data while maintaining confidentiality is paramount. Currie remarked, “We’ve had to resort to sharing password-protected files via email in M&A deals, but encrypted data sharing provides a more secure, scalable alternative.”

‍

This also extends to government use cases, where sensitive information, such as classified documents, must be shared across departments and agencies. Encrypted data sharing ensures that data remains secure even as it moves between different entities, meeting compliance requirements across borders.

‍

Key Takeaway

Encrypted data sharing is a transformative solution for industries that handle sensitive data, enabling secure collaboration without compromising data security or operational efficiency. Whether in healthcare, finance, technology, or other high-stakes sectors, encrypted data sharing opens up new opportunities for innovation and secure partnerships.

‍

Live Explanation 

After this insightful discussion, Tilo moved the webinar along to give the audience a clearer understanding of exactly how encrypted data sharing works in a live environment with multiple entities involved. 

‍

‍

As this visual moved through the various stages of the encrypted data-sharing process, Tilo brought the audience along, explaining each stage of the process:

‍

Stage 1

“We have an orange team on the left and a blue team on the right; both teams have data they want to share in order to gain insights or run analytics. But due to policy, law, or regulation, they cannot share the data in plain text, right? It’s not allowed.

‍

So what encrypted data sharing and, in this case, Vaultree's encrypted data sharing, does is it allows users to encrypt their data individually.

‍

Stage 2

The orange team uses the orange key, and the blue team uses the blue key. The orange team cannot decrypt the blue team’s data, and the blue team cannot decrypt the orange team’s data.

‍

Stage 3

The magic here now with Vaultree is that you can combine the orange and blue data into one dataset, represented here by the orange and blue cogs. This new dataset is fully encrypted and requires cooperation from both the orange and blue teams to decrypt.

‍

Stage 4

The new data can be queried, and the encrypted results can be decrypted through a joint decryption process. The result is plain text, and only the results of the query are ever decrypted, nothing else.

‍

If the orange team writes a query, the fully encrypted results are sent to the blue team for partial decryption inside their environment. Then, the partially decrypted but still secure data goes from the blue team to the orange team, who finishes the decryption and ends up with the plain text results.

‍

Use of the Data

The keys never leave the secure environment, and no data is exposed throughout the query, retrieval, or decryption process. That’s the magic behind it, and it works in practice.”

‍

Looking Ahead: The Future of Encrypted Data Sharing

At the end of the live walkthrough, Tilo turned to the expert panel once again, posing the question, “What do you each see as the future of Encrypted Data Sharing.” This moved the conversation beyond secure collaboration to the potential innovations that encrypted data sharing could enable. From predictive analytics to machine learning over encrypted data, the possibilities are vast. 

‍

J.R. Tiestsort noted, “The dream is to enable data scientists to perform their work without ever needing access to plain-text data. That’s the future we’re working towards.”

‍

Discussion continued in this vein as the experts explored the possibilities for encrypted machine learning and finally striking a balance between true data security and business enablement.

‍

Key Takeaway

The future of encrypted data sharing holds incredible potential, particularly in areas like predictive analytics and secure machine learning, where sensitive data can be analysed without ever being decrypted.

‍

Q&A Recap 

To round out the webinar, Tilo opened the floor to the attendees, allowing them to pitch their questions to the expert speakers. Here are some of the key questions addressed during this Q&A session:

‍

Question 1: What industries stand to benefit the most from encrypted data sharing?

• Mary Gardner pointed to healthcare as a prime example, where patient data security is paramount. “In healthcare, data privacy is non-negotiable. Encrypted data sharing allows us to collaborate securely without compromising sensitive information.”

Question 2: What other solutions have you come across for this issue, and how does encrypted data sharing differ?

• David Currie explained, “Many solutions out there offer encryption but sacrifice usability or performance. Vaultree’s encrypted data sharing ensures data remains encrypted throughout its lifecycle, without these trade-offs.”

Final Thoughts 

The webinar highlighted the transformative potential of encrypted data sharing, not only in terms of compliance and security but also for driving innovation and operational efficiency. From healthcare to finance and beyond, Encrypted Data Sharing, and in particular, Vaultree’s VEDS technology, promises to redefine how organisations collaborate on sensitive data securely.

‍

Stay tuned for future webinars where we’ll explore more innovative use cases and advancements in encryption technology.

‍

For more information on Vaultree’s data-sharing solutions, visit our website or follow us on LinkedIn.

‍