Threat Modeling for Schrems II

Session Description

In preparation for the Security Labels & Schrems II session that is happening on Thursday, in this session we will be executing a Threat Model exercise aimed at mapping out the multiple Threat Modeling components of the scenarios affected by “Schrems II” (Threat Actors, Data Flows, Use Cases, Security Boundaries, Vulnerabilities and Risks)

Schrems II

As per the Schrems II ruling, the US is no longer an adequate country for EU personal data. BCS recently did a recent webinar on the legal aspects which you can see here

So far, the ICO guidance in the UK is to map your data flows in preparation for further guidance.

See also: