Privacy Threat Modeling: Moving Beyond Compliance to Meet Consumer Needs presented at GlobalPrivacySummit 2019

by Maritza Johnson, Danielle Leong, Samm Sacks, Zach Singleton,

Summary : While global regulatory requirements grow, consumer expectations about privacy are also shifting, creating new incentives for organizations to proactively build policies and products with privacy by design. Threat modeling is a common practice from the cybersecurity field which can also aid privacy professionals by identifying potential objectives and vulnerabilities in order to define countermeasures for preventing or mitigating threats to privacy. This is particularly critical when considering inclusive product and policy design to ensure the appropriate level of protection for individual risk profiles. This session will discuss cultural contexts of privacy from around the world, how effective threat modeling can ensure safer decisions to protect high-risk users, and real-world examples of how companies are building to meet global expectations.What you’ll take away:International perspective of privacy based on cultural and political contextBasic understanding of how to conduct threat modeling for privacyPractical advice for bringing threat modeling to your organization