Privacy Firefighting: Incident Management Lessons from (Literal) Fires

Friday, June 24, 2022 - 4:10 pm4:25 pm

Katie Hufker, Meta

Abstract: 

At Meta, we always do our best to build robust systems that honor users’ privacy. However, sometimes things go wrong and we need to respond to events that may lead to privacy vulnerabilities and incidents. This sometimes forces us into incident response mode as we must quickly act to determine what’s broken, fix it, and ensure our systems end up in a better state. After spending time putting out literal fires as a volunteer firefighter, I’ve realized that there are many similarities between the two even if the tools and problems are different. Let’s talk about what we can learn from the fire service around things like incident organization and communication to improve our privacy firefighting.

Katie Hufker, Meta

Katie Hufker has been an engineer on Meta’s Privacy team for over three years, where she helps find and address emerging privacy issues and assists with Meta’s Privacy Incident Review program. Outside of work, Katie volunteers as a firefighter/EMT, where she deals with similarly critical incidents in the physical world. She has a bachelors in Computer Science and a masters in Biomedical Informatics from Stanford University.

BibTeX
@conference {280274,
author = {Katie Hufker},
title = {Privacy Firefighting: Incident Management Lessons from (Literal) Fires},
year = {2022},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = jun
}

Presentation Video