Engineers’ Role In Managing Cyber-Risk
Privacy engineering plays an important role in network safety. Our reading defines privacy engineering as a “discipline of systems engineering focused on achieving freedom from conditions that can create problems for individuals with unacceptable consequences that arise from the system as it processes” (Brooks, 2017). Despite giving this definition, the reading also clarifies that no single, all-encompassing definition is fully accepted in the cybersecurity community. There are many ways that this engineering, and the engineers behind it, mitigate risks. They can give evidence to display a level of honesty (or “trustworthiness”). Another method discussed in the reading is to utilize an “organizing construct to help [the engineers] characterize system properties associated with privacy and to map system capabilities” (Brooks, 2017). Engineers can also set clear objectives and goals that greatly facilitate the communication between systems. The three example objectives displayed in the reading (Figure 6) are predictability, manageability, and dissociability. Within these vague but important categories, engineers are able to create a more distinct plan by making bullet points with specific measures on how to achieve the objectives or goals. These objectives can be used as a basis to show transparency and trustworthiness within a network, organization, or company. Although these goals are very important when discussing transparency, the reading specifically states that they are meant to “supplement, but not replace” the Fair Information Practice Principles (Brooks, 2017). These are all measures that engineers can take to help manage the risk involved in handling sensitive and private information.
Work Cited
Brooks, S., Garcia, M., Lefkovitz, N., Lightman, S., & Nadeau, E. (2017, January). An Introduction to Privacy Engineering and Risk Management … Retrieved October 30, 2019, from https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf.