Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Similar to The Shifting Privacy Left Podcast
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership. Learn more about L ...
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
S2E32: "Privacy Red Teams, Protecting People & 23andme's Data Leak" with Rebecca Balebako (Balebako Privacy Engineer)
Manage episode 380696145 series 3407760
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
This week’s guest is Rebecca Balebako, Founder and Principal Consultant at Balebako Privacy Engineer, where she enables data-driven organizations to build the privacy features that their customers love. In our conversation, we discuss all things privacy red teaming, including: how to disambiguate adversarial privacy tests from other software development tests; the importance of privacy-by-infrastructure; why privacy maturity influences the benefits received from investing in privacy red teaming; and why any database that identifies vulnerable populations should consider adversarial privacy as a form of protection.
We also discuss the 23andMe security incident that took place in October 2023 and affected over 1 mil Ashkenazi Jews (a genealogical ethnic group). Rebecca brings to light how Privacy Red Teaming and privacy threat modeling may have prevented this incident. As we wrap up the episode, Rebecca gives her advice to Engineering Managers looking to set up a Privacy Red Team and shares key resources.
Topics Covered:
- How Rebecca switched from software development to a focus on privacy & adversarial privacy testing
- What motivated Debra to shift left from her legal training to privacy engineering
- What 'adversarial privacy tests' are; why they're important; and how they differ from other software development tests
- Defining 'Privacy Red Teams' (a type of adversarial privacy test) & what differentiates them from 'Security Red Teams'
- Why Privacy Red Teams are best for orgs with mature privacy programs
- The 3 steps for conducting a Privacy Red Team attack
- How a Red Team differs from other privacy tests like conducting a vulnerability analysis or managing a bug bounty program
- How 23andme's recent data leak, affecting 1 mil Ashkanazi Jews, may have been avoided via Privacy Red Team testing
- How BigTech companies are staffing up their Privacy Red Teams
- Frugal ways for small and mid-sized organizations to approach adversarial privacy testing
- The future of Privacy Red Teaming and whether we should upskill security engineers or train privacy engineers on adversarial testing
- Advice for Engineer Managers who seek to set up a Privacy Red Team for the first time
- Rebecca's Red Teaming resources for the audience
Resources Mentioned:
- Listen to: "S1E7: Privacy Engineers: The Next Generation" with Lorrie Cranor (CMU)
- Review Rebecca's Red Teaming Resources
Guest Info:
- Connect with Rebecca on LinkedIn
- Visit Balebako Privacy Engineer's website
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
Chapters
1. S2E32: "Privacy Red Teams, Protecting People & 23andme's Data Leak" with Rebecca Balebako (Balebako Privacy Engineer) (00:00:00)
2. Introducing Rebecca Balebako, Founder and Principal Consultant at Balebako Privacy Engineer (00:01:47)
3. How Rebecca switched from software development to a focus on privacy and adversarial privacy testing (00:03:25)
4. What motivated Debra to shift left from her legal training to privacy engineering (00:04:42)
5. What 'adversarial privacy tests' are; why they're important; and how it differs from other tests for software development (00:08:15)
6. Defining 'Privacy Red Teams,' one type of adversarial privacy test, and what differentiates them from 'Security Red Teams' (00:11:41)
7. Why Privacy Red Teams should primarily be used by organizations with mature privacy programs (00:16:49)
8. The 3 steps to conducting a Privacy Red Team attack (00:20:54)
9. How leveraging a Red Team differs from other privacy tests like conducting a vulnerability analysis or managing a bug bounty program (00:24:05)
10. How 23andme's recent data leak, affecting 1 mil Ashkanazi Jews, could have been avoided via Privacy Red Team testing (00:31:52)
11. The trend where BigTech companies are staffing up their Privacy Red Teams (00:40:44)
12. How small and mid-sized organizations with mature privacy programs can approach adversarial privacy testing (00:42:19)
13. The future of Privacy Red Teaming and whether we should upskill security engineers or train privacy engineers on adversarial testing (00:44:03)
14. Rebecca's advice for Engineer Managers who seek to set up a Privacy Red Team for the first time (00:45:10)
15. Rebecca shares information about Red Teaming resources that she put together for the audience (00:46:20)
63 episodes
Share
Manage episode 380696145 series 3407760
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
This week’s guest is Rebecca Balebako, Founder and Principal Consultant at Balebako Privacy Engineer, where she enables data-driven organizations to build the privacy features that their customers love. In our conversation, we discuss all things privacy red teaming, including: how to disambiguate adversarial privacy tests from other software development tests; the importance of privacy-by-infrastructure; why privacy maturity influences the benefits received from investing in privacy red teaming; and why any database that identifies vulnerable populations should consider adversarial privacy as a form of protection.
We also discuss the 23andMe security incident that took place in October 2023 and affected over 1 mil Ashkenazi Jews (a genealogical ethnic group). Rebecca brings to light how Privacy Red Teaming and privacy threat modeling may have prevented this incident. As we wrap up the episode, Rebecca gives her advice to Engineering Managers looking to set up a Privacy Red Team and shares key resources.
Topics Covered:
- How Rebecca switched from software development to a focus on privacy & adversarial privacy testing
- What motivated Debra to shift left from her legal training to privacy engineering
- What 'adversarial privacy tests' are; why they're important; and how they differ from other software development tests
- Defining 'Privacy Red Teams' (a type of adversarial privacy test) & what differentiates them from 'Security Red Teams'
- Why Privacy Red Teams are best for orgs with mature privacy programs
- The 3 steps for conducting a Privacy Red Team attack
- How a Red Team differs from other privacy tests like conducting a vulnerability analysis or managing a bug bounty program
- How 23andme's recent data leak, affecting 1 mil Ashkanazi Jews, may have been avoided via Privacy Red Team testing
- How BigTech companies are staffing up their Privacy Red Teams
- Frugal ways for small and mid-sized organizations to approach adversarial privacy testing
- The future of Privacy Red Teaming and whether we should upskill security engineers or train privacy engineers on adversarial testing
- Advice for Engineer Managers who seek to set up a Privacy Red Team for the first time
- Rebecca's Red Teaming resources for the audience
Resources Mentioned:
- Listen to: "S1E7: Privacy Engineers: The Next Generation" with Lorrie Cranor (CMU)
- Review Rebecca's Red Teaming Resources
Guest Info:
- Connect with Rebecca on LinkedIn
- Visit Balebako Privacy Engineer's website
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
Chapters
1. S2E32: "Privacy Red Teams, Protecting People & 23andme's Data Leak" with Rebecca Balebako (Balebako Privacy Engineer) (00:00:00)
2. Introducing Rebecca Balebako, Founder and Principal Consultant at Balebako Privacy Engineer (00:01:47)
3. How Rebecca switched from software development to a focus on privacy and adversarial privacy testing (00:03:25)
4. What motivated Debra to shift left from her legal training to privacy engineering (00:04:42)
5. What 'adversarial privacy tests' are; why they're important; and how it differs from other tests for software development (00:08:15)
6. Defining 'Privacy Red Teams,' one type of adversarial privacy test, and what differentiates them from 'Security Red Teams' (00:11:41)
7. Why Privacy Red Teams should primarily be used by organizations with mature privacy programs (00:16:49)
8. The 3 steps to conducting a Privacy Red Team attack (00:20:54)
9. How leveraging a Red Team differs from other privacy tests like conducting a vulnerability analysis or managing a bug bounty program (00:24:05)
10. How 23andme's recent data leak, affecting 1 mil Ashkanazi Jews, could have been avoided via Privacy Red Team testing (00:31:52)
11. The trend where BigTech companies are staffing up their Privacy Red Teams (00:40:44)
12. How small and mid-sized organizations with mature privacy programs can approach adversarial privacy testing (00:42:19)
13. The future of Privacy Red Teaming and whether we should upskill security engineers or train privacy engineers on adversarial testing (00:44:03)
14. Rebecca's advice for Engineer Managers who seek to set up a Privacy Red Team for the first time (00:45:10)
15. Rebecca shares information about Red Teaming resources that she put together for the audience (00:46:20)
63 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to The Shifting Privacy Left Podcast
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership. Learn more about L ...
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
