We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2016 - Jerry Smith - Privacy and Security : Which comes first?
Discover the essential strategies for achieving a balance between information security and privacy in this keynote presentation, exploring best practices for encryption, incident response, and employee training to protect sensitive data.
- Information security and privacy are interdependent, and neither can be prioritized over the other.
- Encryption is crucial to protecting sensitive data and should be used within an organization.
- A rigorous sanctions process is essential for handling privacy incidents.
- Transparency is key to building trust and ensuring that data is used appropriately.
- Employees must be educated and trained to understand the importance of protecting sensitive data.
- Organizations should prioritize protecting sensitive data, and encryption can help achieve this goal.
- Role-based access control can help ensure that employees only access data that is necessary for their job functions.
- Non-disclosure agreements can help protect sensitive data when sharing it with third parties.
- Data minimization and limitation are essential for protecting sensitive data.
- Employees must be made aware of the consequences of not following privacy and security protocols.
- Policy must be clear and concise, and employees must be trained to understand it.
- The 80/20 rule applies to many privacy and security issues, where a small percentage of issues can cause significant harm.
- Incident response must be thorough and transparent to build trust with stakeholders.
- Regular training and awareness programs are necessary to educate employees about privacy and security protocols.
- Organizations should consider the impact of non-compliance with privacy regulations on their reputation and finances.