Bad Metrics and Very Bad Decisions

Monday, September 11, 2023 - 1:30 pm1:50 pm

Lea Kissner, Lacework


Metrics help people make decisions. Most of the time, these are better decisions. But shockingly often, especially when privacy is in play, they are terrible decisions. These bad metrics are used by product teams trying to make their product better and making unknowingly terrible privacy calls, but they're also coming from inside the house: a preponderance of privacy program management is flat-out wrong. If your metrics are telling you to do something, how do you know they're pointing you in the wrong direction?

Lea Kissner, Lacework

Lea is the CISO of Lacework. They work to build respect for users into products and systems through deeply-integrated security and privacy. They were previously the CISO and Head of Privacy Engineering at Twitter, Global Lead of Privacy Technology at Google, came in to fix security and privacy at Zoom, and CPO of Humu. They earned a Ph.D. in computer science (with a focus on cryptography) at Carnegie Mellon University and a BS in electrical engineering and computer science from UC Berkeley.

@conference {290851,
author = {Lea Kissner},
title = {Bad Metrics and Very Bad Decisions},
year = {2023},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = sep

Presentation Video