Privacy looks to be one of the hottest topics at RSA Conference 2016. Cisco's Michelle Dennedy shares insights on encryption backdoors as well as the likely impact of newly revised EU privacy legislation.
Dennedy, the recently appointed chief privacy officer at Cisco, says privacy has often seemed to be a bolt-on topic at the RSA Conference. But this year, she sees it getting the spotlight it deserves.
"At last, we are looking at data centricity, the importance of information as a key economic driver of the marketplace and security as one of the key integrity engines of that economic confluence of information and technology working for people - and not people just being oppressed by too much information and too much technology," Dennedy says.
The big breaches of the past year - especially those that hit Anthem Inc. and U.S. Office of Personnel Management - have brought extra attention to privacy, Dennedy says, as has the debate over whether governments should be allowed a surveillance "backdoor" into encrypted applications.
At RSA Conference 2016, Dennedy will participate in two sessions:
- Privacy, Security, IT and the New European General Protection Regulation. The final draft of the legislation empowers regulators to hit breached entities with fines of up to 4 percent of global profits. "That's a big wake-up call," Dennedy says, but she also has a clear message to security and privacy leaders: "Don't panic."
- Can Government Encryption Backdoors and Privacy Co-exist? Is It an Oxymoron? Dennedy's view on this topic is clear. "A door is a door," she says. "Where you create an elaborate system of additional complexity on top of an already complex system, you are introducing risk and a new threat surface for both the attackers and people you think are lawfully entering the environment."
If law enforcement needs access to encrypted data for investigations, the technology already exists to provide that access, she says. No backdoor is neeeded. "Backdoors are just doors that aren't guarded very well," she says.
In an interview (see audio link below photo) about topics to be discussed at the event, Dennedy talks about:
- Why privacy is the new hot topic RSA Conference 2016;
- The likely impact of the European General Data Protection Regulation;
- Why encryption backdoors are at fundamental odds with privacy.
Dennedy is the incoming vice president and chief privacy officer at Cisco, having previously served the role of chief privacy officer at Intel Security and Sun Microsystems Inc. She was a driving force behind these companies' privacy practices that safeguard customer and employee personal data. Dennedy is a frequent speaker and keynoter at industry events. She received the 2014 Stevie business award for woman of the year. She is a member of the advisory board at the Future of Privacy Forum. Dennedy received her J.D. from Fordham University School of Law.