Share these talks and lectures with your colleagues
Invite colleaguesResearch paper
Privacy threats and vulnerabilities: Reinvent your privacy engineering practices and win
Cyber Security: A Peer-Reviewed Journal,
6
(4),
320-333
(2023)
Abstract
The ever-changing paradigm of data generation, storage and consumption has led to the exponential growth in data incidents. The year 2021 has been the year of highest data breaches exposing personal information of millions of users. The root cause of these data breaches ranges from vulnerabilities in unprotected databases, misconfigurations in cloud systems, ransomware, malware or slip from marketing service providers. Most organisations have strong privacy organisational functions that are compliance-focused; however, they lack privacy engineering functions focused on embedding privacy into the engineering practices. This paper makes recommendations about privacy engineering best practices that can help prevent, detect and mitigate privacy threats and vulnerabilities and provides information about appropriate privacy and security controls to mitigate the privacy risks. It also provides a practice lab section which serves as a practical playground to apply the above concepts.
Keywords: data privacy; privacy engineering; privacy threats; privacy controls; security controls
The full article is available to subscribers to the journal.
Author's Biography
Smitha Sriharsha is Product Security Governance Leader at D . She is a 16+ year practitioner of product security, cloud and privacy engineering. She has a unique mix of development, product and application security and compliance expertise, including establishing security standards, partnering to build foundational security capabilities, delivering consumable security stacks in strategic environments in a DevSecOps model, and driving adoption. Smitha is a blogger and speaker who has designed and contributed to security education programmes, bootcamps, talks and presentations at RSAC, Cisco: Security Space Center, Seccon 2019, 2020, 2021 Develop@cisco 2020, Cloud Summit 2020 and Offensive Summit 2021. She has received numerous awards and recognition during her time with Cisco, Ness and Sonicwall.
