A podcast about web design and development.
…
continue reading
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to The Shifting Privacy Left Podcast
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
S2E19: Privacy Threat Modeling - Mitigating Privacy Threats in Software with Kim Wuyts (KU Leuven)
Manage episode 367186629 series 3407760
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This week's guest is Kim Wuyts, Senior Postdoctoral Researcher at the DistriNet Research Group at the Department of Computer Science at KU Leuven. Kim is one of the leading minds behind the development and extension of LINDDUN, a privacy threat modeling framework that mitigates privacy threats in software systems.
In this conversation, we discuss threat modeling based on the Threat Modeling Manifesto Kim co-authored; the benefits to using the LINDDUN privacy threat model framework; and how to bridge the gap between privacy-enhancing technologies (PETs) in academia and the commercial world.
Topics Covered:
- Kim's career journey & why she moved into threat modeling.
- The definition of 'threat modeling,' who should threat model, and what's included in her "Threat Modeling Manifesto."
- The connection between threat modeling & a 'shift left' mindset / strategy.
- Design patterns that benefit threat modeling & anti-patterns that inhibit.
- Benefits to using the LINDDUN Privacy Threat Modeling framework for mitigating privacy threats in software, including the 7 'privacy threat types,' associated 'privacy threat trees,' and examples.
- How "privacy threat trees' refine each threat type into concrete threat characteristics, examples, criteria & impact info.
- Benefits & differences between LINDDUN GO and LINDDUN PRO.
- How orgs can combine threat modeling approaches with PETs to address privacy risk.
- Kim's work as Program Chair for the International Workshop on Privacy Engineering (IWPE), highlighting some anticipated talks.
- The overlap of privacy & AI threats, and Kim's recommendation of The Privacy Library of Threats 4 AI ("PLOT4AI") Threat Modeling Card Deck
- Recommended resources for privacy threat modeling, privacy engineering & PETs.
- How the LINDDUN model & methodologies have been adopted by global orgs.
- How to bridge the gap between the academic & commercial world to advance & deploy PETs.
Resources Mentioned:
- The Threat Modeling Manifesto
- LINDDUN Privacy Threat Model
- STRIDE threat model
- Threat Modeling Connect Community
- Elevation of Privilege card game
- Plot4AI (privacy & AI threat modeling) card deck
- International Workshop on Privacy Engineering (IWPE)
Guest Info:
- Follow Kim on LinkedIn
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
Chapters
1. S2E19: Privacy Threat Modeling - Mitigating Privacy Threats in Software with Kim Wuyts (KU Leuven) (00:00:00)
2. Introducing Kim Wuyts, Sr. Postdoctoral Researcher at the IMEC-DistriNet Research Group at the Department of Computer Science at KU Leuven. (00:01:15)
3. Kim describes her career journey and how she became interested in threat modeling. (00:02:28)
4. Kim defines 'threat modeling,' explains who should threat model, and discusses her co-authored 'Threat Modeling Manifesto.' (00:04:28)
5. Kim describes the connection between threat modeling and a 'shift left' mindset / strategy. (00:06:36)
6. Kim describes basic design patterns that benefit threat modeling and anti-patterns that inhibit threat modeling. (00:09:20)
7. Kim explains the benefits to using the (free) LINDDUN Privacy Threat Modeling Framework for mitigating privacy threats in software. She also describes the 7 'privacy threat types,' 'privacy threat trees,' and some examples. (00:13:13)
8. Kim describes "privacy threat trees' and how they help you refine each threat type into more concrete threat characteristics. (00:20:47)
9. Kim uses privacy threat type of "linking" to illustrate concrete threat characteristics, examples, criteria, and impact info would be included in a 'privacy threat tree." (00:23:38)
10. Kim explains the benefits and differences between LINDDUN's methodologies: LINDDUN GO & LINDDUN PRO. (00:26:23)
11. We discuss how orgs can combine threat modeling approaches with privacy enhancing technologies to address privacy risks; and Kim recommends multiple resources. (00:30:50)
12. Kim describes her work as Program Chair for the International Workshop on Privacy Engineering (IWPE) Conference and highlights some anticipated talks. (00:33:09)
13. Kim discusses the topic of privacy & AI and refers listeners to the Privacy Library of Threats 4 AI ("PLOT4AI") Threat Modeling Card Deck (00:35:49)
14. Kim lists her favorite resources for privacy threat modeling, privacy engineering, and PETs. (00:36:36)
15. Kim talks about how the LINDDUN model and methodologies have been adopted by organizations over the past few years. (00:38:45)
16. Kim shares how can we better bridge the gap between the academic and commercial world when it comes to advancing and deploying PETs. (00:40:35)
63 episodes
Share
Manage episode 367186629 series 3407760
Content provided by Debra J. Farber (Shifting Privacy Left). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Debra J. Farber (Shifting Privacy Left) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This week's guest is Kim Wuyts, Senior Postdoctoral Researcher at the DistriNet Research Group at the Department of Computer Science at KU Leuven. Kim is one of the leading minds behind the development and extension of LINDDUN, a privacy threat modeling framework that mitigates privacy threats in software systems.
In this conversation, we discuss threat modeling based on the Threat Modeling Manifesto Kim co-authored; the benefits to using the LINDDUN privacy threat model framework; and how to bridge the gap between privacy-enhancing technologies (PETs) in academia and the commercial world.
Topics Covered:
- Kim's career journey & why she moved into threat modeling.
- The definition of 'threat modeling,' who should threat model, and what's included in her "Threat Modeling Manifesto."
- The connection between threat modeling & a 'shift left' mindset / strategy.
- Design patterns that benefit threat modeling & anti-patterns that inhibit.
- Benefits to using the LINDDUN Privacy Threat Modeling framework for mitigating privacy threats in software, including the 7 'privacy threat types,' associated 'privacy threat trees,' and examples.
- How "privacy threat trees' refine each threat type into concrete threat characteristics, examples, criteria & impact info.
- Benefits & differences between LINDDUN GO and LINDDUN PRO.
- How orgs can combine threat modeling approaches with PETs to address privacy risk.
- Kim's work as Program Chair for the International Workshop on Privacy Engineering (IWPE), highlighting some anticipated talks.
- The overlap of privacy & AI threats, and Kim's recommendation of The Privacy Library of Threats 4 AI ("PLOT4AI") Threat Modeling Card Deck
- Recommended resources for privacy threat modeling, privacy engineering & PETs.
- How the LINDDUN model & methodologies have been adopted by global orgs.
- How to bridge the gap between the academic & commercial world to advance & deploy PETs.
Resources Mentioned:
- The Threat Modeling Manifesto
- LINDDUN Privacy Threat Model
- STRIDE threat model
- Threat Modeling Connect Community
- Elevation of Privilege card game
- Plot4AI (privacy & AI threat modeling) card deck
- International Workshop on Privacy Engineering (IWPE)
Guest Info:
- Follow Kim on LinkedIn
Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.
Shifting Privacy Left Media
Where privacy engineers gather, share, & learn
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.
Copyright © 2022 - 2024 Principled LLC. All rights reserved.
Chapters
1. S2E19: Privacy Threat Modeling - Mitigating Privacy Threats in Software with Kim Wuyts (KU Leuven) (00:00:00)
2. Introducing Kim Wuyts, Sr. Postdoctoral Researcher at the IMEC-DistriNet Research Group at the Department of Computer Science at KU Leuven. (00:01:15)
3. Kim describes her career journey and how she became interested in threat modeling. (00:02:28)
4. Kim defines 'threat modeling,' explains who should threat model, and discusses her co-authored 'Threat Modeling Manifesto.' (00:04:28)
5. Kim describes the connection between threat modeling and a 'shift left' mindset / strategy. (00:06:36)
6. Kim describes basic design patterns that benefit threat modeling and anti-patterns that inhibit threat modeling. (00:09:20)
7. Kim explains the benefits to using the (free) LINDDUN Privacy Threat Modeling Framework for mitigating privacy threats in software. She also describes the 7 'privacy threat types,' 'privacy threat trees,' and some examples. (00:13:13)
8. Kim describes "privacy threat trees' and how they help you refine each threat type into more concrete threat characteristics. (00:20:47)
9. Kim uses privacy threat type of "linking" to illustrate concrete threat characteristics, examples, criteria, and impact info would be included in a 'privacy threat tree." (00:23:38)
10. Kim explains the benefits and differences between LINDDUN's methodologies: LINDDUN GO & LINDDUN PRO. (00:26:23)
11. We discuss how orgs can combine threat modeling approaches with privacy enhancing technologies to address privacy risks; and Kim recommends multiple resources. (00:30:50)
12. Kim describes her work as Program Chair for the International Workshop on Privacy Engineering (IWPE) Conference and highlights some anticipated talks. (00:33:09)
13. Kim discusses the topic of privacy & AI and refers listeners to the Privacy Library of Threats 4 AI ("PLOT4AI") Threat Modeling Card Deck (00:35:49)
14. Kim lists her favorite resources for privacy threat modeling, privacy engineering, and PETs. (00:36:36)
15. Kim talks about how the LINDDUN model and methodologies have been adopted by organizations over the past few years. (00:38:45)
16. Kim shares how can we better bridge the gap between the academic and commercial world when it comes to advancing and deploying PETs. (00:40:35)
63 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to The Shifting Privacy Left Podcast
A podcast about web design and development.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
