Security and Privacy: Often Aligned, But Sometimes NotFew Continue to Conflate Security and Privacy, Says Attorney James Shreve
Not so long ago, many were confused about how security and privacy differed, but that has been rapidly changing, thanks to regulations such as the European Union's General Data Protection Regulation and California's Consumer Privacy Act, says attorney James Shreve, who's a partner at Thompson Coburn LLP.
For some projects, such as access management, privacy and security teams might align. But other initiatives, such as the use of biometrics, may be championed by security teams while generating caution from privacy groups, in light of emerging regulations, he says.
In a video interview with Information Security Media Group at RSA 2020, Shreve also discusses:
- How privacy and security are sometimes complementary, but sometimes in conflict;
- The growing impact of privacy regulations such as GDPR and CCPA on security practices;
- How the cloud has changed the third-party risk landscape, and how organizations must respond.
Shreve is a partner at Thompson Coburn LLP in Chicago, where he chairs the cybersecurity practice. He previously served at such practices at BuckleySandler, Goodwin Procter and WilmerHale.