There is a saying in sociopolitical circles: “politics is downstream from culture.” Using that same line of thinking, poses a question: Is information security downstream from data privacy?
In order to tell the difference between security and privacy and how they feed in to each other to achieve both, we’ll look at the leading regulation: the National Institute of Standards and Technology (NIST) Privacy Framework.
Information Security Versus Data Privacy
Why do you secure something? You secure something because you want to keep it private. After all, it’s not exactly like we are in the habit of sharing client data, personally identifiable information, intellectual property or the nuclear codes. All of that should be private. In turn, the rightful owner of the data must secure it. And, that is what makes for an interesting discussion about the difference between cybersecurity and privacy.
Cybersecurity and information security measures are often designed around keeping information safe and available, as a whole. On the other hand, privacy measures tend to be more focused on the processing of personal data and privacy rights.
We may be in the middle of a shift. Laws and frameworks centered around privacy are gaining even greater traction. You could make the argument that much of the shift is a result of protecting the privacy of customer data. For example, a 2019 Pew Research study revealed Americans have data privacy concerns specifically related to the collection and use of their data. Some of the key findings include:
Concern about how much data apps collected.
Concern that people collecting tha ..
Support the originator by clicking the read the rest link below.
