Explore a conference talk that delves into the positive impact of data protection regulations like GDPR and CCPA on security teams. Learn how understanding these obligations can enhance security risk modeling, prioritization, and organizational buy-in. Discover practical scenarios illustrating the intersection of data protection and security, including email campaigns and tool selection. Gain insights into concepts such as high-risk processing, reasonable security measures, and actionable steps for compliance. Understand how leveraging data protection requirements can reduce liability exposure and strengthen overall security programs.
When GDPR and CCPA Strike - Silver Lining for Security Teams in Data Protection Clouds
Security BSides San Francisco via YouTube
Overview
Syllabus
Intro
Rafis background
What this talk is about
Custom SWAT Truck
Car Chase
Front Door Breach
Why should security team secure
Parallax
Security from GDPR lens
Uncertainty
Finding solution
Driving without headlights
Summary
Scenario 1 Email campaign
Scenario 2 Two tools
Takeaway
Accidental sharing
Water landing
Unique risk profile
Highrisk processing
The takeaway
The final scenario
What is actionable
Reasonable security
Conclusion
Recap
Conclusions
Data processing
Taught by
Security BSides San Francisco
