Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Security and privacy: Together in good times and bad

Tom Cignarella (Adobe), Jennifer Ruehr (Adobe)
4:45pm–5:25pm Tuesday, October 31, 2017
Teachable moments
Location: Regent

Who is this presentation for?

  • Incident response professionals, application security engineers, privacy pros, and IT leaders

Prerequisite knowledge

  • Familiarity with basic security and privacy policy issues facing the industry
  • A basic understanding of incident response

What you'll learn

  • Learn how to keep your security and privacy teams functioning as a single unit and how to use resources effectively when incidents occur that require all hands on deck
  • Understand what to build out in terms of processes, communication protocols, and responsibilities to ensure information sharing is ongoing and responses to issues are in sync and always keep the customer in mind


Over the years, Adobe has dealt with security incidents that have had privacy implications. In these cases, Adobe’s security professionals bring in privacy experts to provide guidance on proper handling of sensitive information. They are the company’s eyes and ears for an ever-changing regulatory landscape. However, Adobe‚Äôs privacy team (like that of many companies) does not have the same technical resources as the security team, so security must often provide technical assistance with privacy issues. As a result, customers have come to view security and privacy as complementary parts of strong data and asset protection.

Drawing on their experience at Adobe, Tom Cignarella and Jennifer Ruehr explain how you can leverage the strengths of both security experts and privacy experts to constantly deliver what customers will expect from you, even through organizational shifts, divisions, and challenges.

Photo of Tom Cignarella

Tom Cignarella


Tom Cignarella is the director of the Security Coordination Center at Adobe, where he is responsible for security monitoring, incident response, and threat intelligence for all Adobe products and services, as well as the Adobe enterprise, and sets the strategy and builds out the framework for day-to-day operations for how teams monitor environments, investigate incidents, and communicate with internal stakeholders and customers. Previously, Tom was the director of product operations for Adobe’s CloudOps Group and technical operations for Adobe eSign (now part of Adobe Document Cloud). Prior to joining Adobe, Tom held technical operations leadership positions at Limelight Networks, Clickability, Symantec, BEA, Autodesk, Ariba, and Excite.

Photo of Jennifer Ruehr

Jennifer Ruehr


Jennifer Ruehr is legal counsel for privacy and security at Adobe, where she works on global privacy issues related to vendor management (including cross-border data transfers and data processing agreements), employee information, customer escalations, and corporate marketing and manages projects related to data governance, HIPAA, and privacy and security incident response. Jennifer is currently a fellow with the Leadership Council on Legal Diversity. She holds a JD from the University of Akron School of Law, a certificate in intellectual property law and technology, and a BA in English from Washington State University. She is a member of the bar in Ohio.