Betrayed by Their Browsers: How Security Teams Are Failing to Protect Users from 3rd Party Tracking and How to Stop It

While there is significant time and investments made by the CISO and Privacy offices to assure that user data is not leaked from the network, users’ data- often their most sensitive- is being leaked to third-parties by the myriad of analytics tools that are added to web applications even after they have passed their security testing and privacy impact assessments, thus creating a blind spot for those who are actually responsible for security and privacy. This talk will provide information to privacy and security professionals on how to identify third-party tracking code that has been added to their applications, how to assess the severity of the issue, and how to articulate the problem to their leadership.