January 31, 2020
Privacy Spotlight: Adoriel Bethishou Information Security Analyst and Outdoor Explorer
Adoriel Bethishou, Information Security Analyst at Tevora
What has been your favorite project so far?
I worked on a project that strayed away from the traditional report writing of a privacy project and we executed graphics, playbooks, internal training materials, and more. The project was a great learning experience with the client requesting a matrix explaining the nuances of privacy laws from Brazil, India, Australia, etc. Discussing and researching allowed us to be creative in the way we approached everything within the organization. We also already had a strong relationship with the client, so it was fun to collaborate with their team on new ideas for different deliverables within their privacy road-map.
How do you define success?
I’m not fully sure, but I’d say be confident in where you are and confident that you’ve made the right choices leading up to that point.
Where do you see the new privacy laws in the cybersecurity industry going in the next ten years?
In the US, we’re already seeing the avalanche of privacy laws starting in California. I think a couple of the “big states” with more sway will pass privacy laws which will be used as a framework for other states to follow. From there, we’ll eventually see a federal privacy law. I don’t doubt we’ll have a federal bill, but I don’t know how big its reach will be and how it will play versus other existing laws (e.g. HIPAA, GLBA). I’m also curious if the government will eventually move away from the ambiguous text of current privacy laws and get more low-level in what they want to see organizations do to protect personal information.
What are some of the biggest challenges of implementing Privacy Laws?
The United States still doesn’t have a culture of privacy, especially in tech, that other countries may have. Many Americans still don’t consider user privacy to be on par with other rights. Additionally, corporate interest in politics is fairly strong in the United States, so companies that don’t want to have to deal with a US GDPR may allocate resources to opposing movements. It may not be that corporations have bad intentions, but we’ve seen a “collect everything and figure out what to do what it later” mentality from many big players for years, which at this point has made managing much of the collected information very challenging.
Best tips to find a balance between your work and personal life?
No specific tips come to mind, but I’d say to remember that you work to live and not vice-versa, and from there you can tell yourself when you’ve had enough work or free time for the day.
Do you have a favorite motto or quote to share with us?
“If somebody offers you an amazing opportunity but you are not sure you can do it, say yes – then learn how to do it later!” – Richard Branson
What’s something most people don’t know about you?
I speak an ancient language – Assyrian