Elizabeth Wharton

Elizabeth (Liz) is Chief of Staff at SCYTHE where she serves as a strategic advisor for the CEO and leadership team, building and maintaining cross-department relationships, crafting external initiatives, and driving day-to-day projects and tasks. She brings to SCYTHE over a decade of legal, policy, and business experience within the information security field. Prior to joining SCYTHE she served as VP Operations and Strategy for a third-party risk threat intelligence platform startup, scaling the company from 5 to 25+ employees and successfully completing a $10m Series A funding round. Previously she was the Senior Assistant City Attorney with the City of Atlanta responsible for advising Hartsfield-Jackson Atlanta International Airport on technology policy and projects – including the airport’s “first of its kind” safety risk assessment and integration of drones into airfield operations at the “World’s Busiest Airport.” She also served on the immediate incident response team for the City of Atlanta’s ransomware incident.

The former host of the “Buzz Off with Lawyer Liz” tech-focused radio show and podcast, Liz is a frequent podcast guest and speaker on risk mitigation and regulatory policy on IoT, drone, and aviation cybersecurity issues at conferences including SXSW, ShmooCon, Hack the Capitol, the Talos Threat Research Summit (Cisco Live!), and the GSMA Global Innovation Forum. She serves on various national technology and information security regulatory working groups, including the Business Executives for National Security’s Tech and Innovation Council, and is a mentor for startup accelerators. She received her J.D. from Georgia State University College of Law and her B.A. from Virginia Tech.

Sessions by Liz

Building better privacy (data and information protections) into software, systems, and practices doesn’t have to be overly complicated. Privacy, at its core, is protecting data from unauthorized access and misuse. Regulatory frameworks in the US, EU, and LATAM are increasingly requiring heightened data privacy and protections. Evolving ransomware attacks moving beyond encrypting data to exfiltration and even release of the data, further highlight the need for additional attention to strengthening data privacy practices. The same offensive ADR: Attack * Detect * Respond tactics and tools utilized for building playbooks can be leveraged for engineering privacy. We will walk through some of the common offensive technologies and tools used to practice attack, detect, and respond (ADR) and identify how these should be leveraged to focus on privacy engineering.