Top Six Takeaways from the Webinar
The use of the U.S. cloud as part of organizational data supply chains is critical, and needs to continue for both operational and business reasons.
Joint and several liability and the shared responsibility model apply to the use of the cloud, for cloud providers and cloud users. Increasing technical protections such as through the use of Statutory Pseudonymization can reduce the risk of breach and help organizations more easily obtain cybersecurity insurance.
Schrems II and other guidance does not intend to prohibit the use of the U.S cloud; instead, compliant use is the intention by leveraging technical controls.
Access controls and encryption only protect data in transit and in storage, but most data is still processed in cleartext, leaving it vulnerable to breach.
The U.S. cloud can be used in a compliant manner with appropriate technical and organizational controls.
Statutory Pseudonymization allows EU-US transfers and compliant processing, including compliant further processing in the cloud for AI, ML and analytics.