Denise Schoeneich, Jonathan Fox, R. Jason Cronk

Security, in contrast to privacy, has been well integrated into the Security Development Life Cycle (SDLC). Threat modeling is a step for security assurance taken to protect assets of value. Security validation ensures that requirements have been met and objectives achieved.  Privacy engineering uses these tools to implement PbD in the initial design stages and throughout the software development lifecycle.  This session will include a hands-on exercise that will help participants identify potential security and privacy threats and design and implement privacy enhancing technologies (PETs). A further exercise will focus on creation and use of context diagrams to first identify data flows and consumers of data, and then to determine threats, vulnerabilities and risks.

Denise Schoeneich, Privacy Engineer, Intel Corporation
Jonathan Fox, Director, Privacy Engineering & Strategy/Planning, Cisco
R. Jason Cronk, Privacy and Trust Consultant, Enterprivacy Consulting Group

Denise Schoeneich
Denise Schoeneich

Privacy Engineer
Intel Corporation

Jason Cronk
Jason Cronk

Privacy & Trust Consultant
Enterprivacy Consulting Group

Jonathan Fox
Jonathan Fox

Director, Privacy Engineering & Strategy/Planning
Cisco