The relationship between Security and Privacy

Introduction to Data Privacy

Tiffany Lewis

Security and Privacy Instructor

Security fundamentals

  • Preventing unauthorized use, disclosure, and alteration of data:
    • CIA Triad
  • Examples:
    • Encryption
    • Identity Access Management

CIA Triad

Introduction to Data Privacy

Privacy fundamentals

  • Data processed in a valid manner that has been authorized by the user
  • Examples:
    • Notifications
    • Encryption

Users

Introduction to Data Privacy

Security and Privacy Themes

Introduction to Data Privacy

Packing what we've learned

  • Backpack startup
  • Security and Privacy concerns
  • Analyze:
    • Product data
    • Personal information

Dog Backpack

Introduction to Data Privacy

Security controls circle

Introduction to Data Privacy

Privacy controls circle

Introduction to Data Privacy

Backpack Scenario Venn Digaram

Introduction to Data Privacy

Security and Privacy failure

  • Privacy requires explicit authorization from users to:
    • disclose
    • alter
    • change how data is used
  • Stolen data - no consent or authorization from users

Hacker stealing data

Introduction to Data Privacy

Data breach

Data Breach - a security event where data is unlawfully disclosed, altered, or taken by an unauthorized party.

 

  • Example: Yahoo data breach in 2013
    • Affected over 3 billion users
    • Hackers attempted to sell the data

Data Breach

1 https://www.nytimes.com/2017/10/03/technology/yahoo-hack-3-billion-users.html
Introduction to Data Privacy

Let's practice!

Introduction to Data Privacy

Preparing Video For Download...