This chapter covers
- Privacy risks hidden within security risks
- How testing and development efficiencies can increase risk
- Building an enterprise risk model to identify, track, and address privacy risks
- How major privacy and security risks are cumulative and impactful in ways that are hard to predict and plan for
- Using authorization to reduce risk
- Privacy risks hidden in authorization implementations
Privacy controls are complicated for many companies to implement—particularly those with limited budgets or that are small or medium sized. Such organizations often face a critical question: “Where do we get started when it comes to building privacy into our technical infrastructure?” While prioritization questions are perennial, the much harder question to answer is what to do first.