USACM considers Privacy and Security to be interlinked. The idea that one must give up privacy for security or vice versa ignores how good privacy practices can help establish good security, and how good security can help protect privacy.  The rash of data breaches over the last several years represents failures in protecting both privacy and security. 

Preserving privacy and security is more than implementing best practices.  From the design of systems through their implementation and operation it is critical to keep both security and privacy in mind.  Any personal data used in a large computing system needs to be stored, collected and managed appropriately throughout its use.  Computing security involves not just protection against anticipated threats, but monitoring for possible threats (from within and without), physical protection, access controls, and both individual and corporate accountability for security and its failure

Related Documents


Related Articles

USACM Focuses On Roadmap In Cybersecurity Framework Comments
As part of its work on the Cybersecurity Framework (Framework), the National Institute of Standards and Technology (NIST) sought comments from stakeholders on their experiences with it.  USACM has followed the development of the Framework since the 2013 Executive Order that requi ...Read More

  • (Posted on 15-Oct-14)
  • NITRD Agencies To Develop National Privacy Research Strategy
    The White House Office of Science and Technology Policy has asked a steering group in the Federal Networking and Information Technology Research and Development (NITRD) Program to lead development of a National Privacy Research Strategy.  As part of this effort, there is a Reques ...Read More

  • (Posted on 30-Sep-14)
  • NIST Will Present Draft Privacy Engineering Objectives
    On Thursday, October 2, the National Institute of Standards and Technology (NIST) has a webcast scheduled to present its draft (including a discussion deck) Privacy Engineering Objectives and Risk Model.  The development of these materials has been informed by two Privacy Enginee ...Read More

  • (Posted on 29-Sep-14)
  • The Food And Drug Administration Seeks Input On Medical Device Security
    The Food and Drug Administration (FDA) has announced a workshop on medical device cybersecurity for October 21 and 22 in Arlington, Virginia.  Titled “Collaborative Approaches for Medical Device and Health Care Cybersecurity,” the event is intended for a broad audienc ...Read More

  • (Posted on 28-Sep-14)
  • NIST Continues To Take Feedback On The Cybersecurity Framework
    (Edited September 4 to focus on NIST activities concerning the Cybersecurity Framework) The National Institute of Standards and Technology (NIST) has posted a Request for Information on the Cybersecurity Framework, with a deadline for comments of October 10.   Developed and admin ...Read More

  • (Posted on 30-Aug-14)
  • USACM Comments On Intersection Of Big Data And Consumer Privacy
    Yesterday USACM responded to a Request for Comment from the National Telecommunications and Information Administration (NTIA).  In response to a recommendation in the Administration’s Big Data report released in May, the NTIA solicited public comment on how the Consumer Pri ...Read More

  • (Posted on 06-Aug-14)