• Follow us


Reflecting on data privacy for 2019 – Why protecting our data is more critical than ever

2018 saw the implementation of GDPR finally become a reality, yet data privacy has still presented a huge issue for many companies and businesses globally. With social media giants seemingly selling our data to third parties, NHS staff supposedly reading patient records without good reason, and the questionable way in which banks may be using our data to make money, the chances of our data falling into the wrong hands appears to be bigger than ever.

Consequently, data privacy is now more crucial than ever, through providing individuals and businesses with the correct education and information to ensure our data is consistently in safe hands. Below, six industry experts give their take on why data security needs to be at the heart of operations, and their opinions on what can be done to ensure better data protection.

The crucial importance of data privacy in 2019

“Data privacy is not just a corporate or individual issue that affects digital lives, it can be a route to compromising citizen safety” explains David Higgins, Director of Customer Development, CyberArk. “This Data Privacy Day, organisations should encourage their entire workforce – not just IT teams - to re-evaluate how they secure and manage data.

“Data has become – arguably – the world’s most valuable asset, and data which could be used to wreak havoc on citizens’ lives is a tempting target for attackers. Compromised credentials that lead to a data breach could mean that incredibly sensitive data becomes available. Administration log ins to critical national infrastructure (CNI) systems, for instance, or medical data that could be used to profile or compromise key individuals in Government to help carry out a successful attack, like accessing the plans of a nuclear power station in order to learn how to shut it down.

“Infiltration or compromise of CNI could – very conceivably - result in the loss of control of public services such as utilities, healthcare and government. This consequently represents a severe risk to public safety. These are attacks on the fabric of our everyday existence. This Data Privacy Day, we need to recognise just how important a commodity it is.”

The invasion of privacy

Dr Darren Williams, Founder and CEO of BlackFog agrees that, “following a year of data scandal, data privacy day comes at a pivotal time for organisations across the spectrum. Privacy will undoubtedly come to a breaking point in 2019, with the existence of GDPR in Europe and similar laws under development in the United States and Australia. Citizens are now becoming aware of the invasion of privacy from social network platforms, major tech companies and even major governments around the world.

“And this invasion of privacy is leaving citizens vulnerable to attack. As every single – seemingly innocent – application or website they visit continues to collect some form of data about their usage and identity, this is allowing hackers to attack from every angle – profiling a person’s behaviour as they browse online on their devices and, in many cases, stealing their personal data.

Williams notes that, “while each attack is different, we can say that about 20 per cent of all data flowing from a person’s device is being sent to China, Russia and the Ukraine on a daily basis” (based on internal data collected by BlackFog). “This can include personal information and files on the device itself. As consumers fight back against tech giants and demand more control over their personal data, data privacy day has never been more important.”

The digital age challenges

Tristan Liverpool, Director of Systems Engineering, F5 Networks also explains how advancements in our digital age are creating further challenges for data privacy today. “Corporate cloud literacy is becoming an operational prerequisite as technological progress accelerates in EMEA. The explosive proliferation of applications, and their associated data, has created a vast new playing field for cyber-criminals in the cloud. Today, the fear of attack is constant.

“We urge businesses this Data Privacy Day to rethink where their priorities lie in an increasingly complex and shifting IT landscape. An immediate priority should be to secure all business applications. This will allow organisations to gain a tremendous return on investment and manage multi-cloud deployments with greater certainty.

Liverpool continues, “businesses adjusting their security strategies to focus more on applications and standardise on advanced security solutions have the freedom to deploy apps with efficient control and flexibility, while ensuring their customers’ data is kept safe. They also gain confidence to innovate and sustain business performance. Discerning customers valuing their identity and information will inevitably choose brands based on security and data management credibility.”

Why data privacy is more crucial than ever in the retail sector

According to Richard Bennett, Head of Advisory Services Business Solutions at VMware, the industry that most needs to focus on data privacy this year will be retail: “Consumers increasingly want retailers to provide personalised, seamless experiences based on their previous shopping habits, and as a result, high street retailers have struggled to compete with more established e-commerce players and their greater volume and command of data.

“Nonetheless, the pressure to safeguard customer data is immense, and even without GDPR, consumers now pay far greater attention to data privacy, sovereignty and security than in previous years. VMware research into consumer expectations of the retail industry recently revealed that misuse of data is the reason 55 per cent feel put off buying from a retailer. This shows that any industry looking to harness the power of customer data must therefore ensure security is their primary focus. 

“Retailers that fail to demonstrate how they are using data to deliver value, while keeping it secure, will struggle to prosper. Above all, they must remember that while the way consumers shop is changing, data breaches have become one of the key factors in determining brand loyalty. Those investing in retail technology must therefore put security at the heart of their investment to derive value.”

The first Data Privacy Day since GDPR

“As we approach the first data privacy day since GDPR has been in force, there is no doubt that analysing the effectiveness of the regulation will dominate.” Chris Hodson, EMEA CISO, Tanium, goes on to explain that, in his role as a CISO, he believes “there are many common misconceptions of GDPR.

“Firstly, we must remember that approximately 80 per cent of GDPR isn’t directly within the CISO’s purview. The whole business, most notably the DPO, must be responsible for driving data privacy across the enterprise. The security function can certainly help with the “how” of data protection and must be responsible for putting the processes in place to ensure that data is safeguarded. However, we are often very little use in ascertaining the “why” of data collection. For a security team or CISO, it’s about ensuring that controllers (and processors) carry out data processing in a transparent fashion. It’s about making sure that information is not left lying around in servers ad infinitum.

“That’s why the best defence is a model for qualification and assurance. That means having real-time visibility of the data stored across your network and where threats and vulnerabilities exist. But it also means taking a role in educating our boards, executives, and fellow employees on their role in protecting data: choosing systems and practices that support GDPR principles and maintaining practices that safeguard customer data in the long-term.”

Chris Huggett, Senior Vice President, Europe & India, Sungard Availability Services agrees that “GDPR sent organisations across Europe into a tailspin over their data storage and privacy procedures, and months on, only 59 per cent of companies believe they are GDPR-compliant. The amount of data we produce every day is truly mind boggling. There are 2.5 quintillion bytes of data created each day at our current pace, and that will only accelerate with the growth of the Internet of Things (IoT). Over the last two years along, 90 per cent of the data in the world was generated.

“A growing issue, as shown by O2 and TSB in the past 12 months, that is often overseen in terms of GDPR, is the result of an IT outage. There is no point in having resilient hosting and secure clouds if employees can’t connect during an outage. As a server or organisation’s infrastructure is down, data is then at risk to exposure and therefore a company is at risk of failing compliance. Securing your business and personal information takes diligence, consistency and maintenance. When an outage occurs, businesses must know exactly how to react immediately. IT and business teams will need to locate and close any vulnerabilities in IT systems or business processes and switch over to Disaster Recovery arrangements if they believe there has been a data corruption. Business units need to invoke their Business Continuity Plans and organisations need to stand up their executive Crisis Management Team.

 “An organisation’s speed and effectiveness of response will be greatly improved if it has at its fingertips the results of a Data Protection Impact Assessment (DPIA) that details all the personal data that an organisation collects, processes and stores, categorised by level of sensitivity. If companies are scrambling around, unsure of who should be taking charge and what exactly should be done, then the damage caused by the outage will only be intensified.”

Adam Mayer, Senior Technical Product Manager, Qlik says, “respecting data privacy rights is something that all employers must be confident with, especially in the GDPR era, where being open and transparent about the use of personal data has become increasingly paramount.

“Just last week Google faced a huge £44m fine by the CNIL for breaching privacy rules, and privacy group NOYB claimed Spotify, Netflix, Amazon and Apple are also breaking GDPR rules.

“When it comes to supporting staff with data protection regulations, companies must ensure that strong data governance polices are in place and that all employees know them and understand why they are important. Being data literate - the ability to read, work with, analyse and argue with data - is the key to unlocking this understanding and building customer trust in the long-term.

“Organisations need to embrace their ownership of personal data from the top down and empower all their staff to have a good level of understanding of data and how it is stored, managed and used. After all, when everyone is data literate, everyone can play their part in keeping the organisation on the straight and narrow, avoiding hefty fines and penalties.”

Being prepared with the right prevention solutions

Dan Turner, CEO, Deep Secure believes “it’s always best to assume that cybercriminals are better at attacking than you are at detecting them. Indeed, most ‘detect and protect’ technologies, like data loss prevent systems, are not sophisticated enough to identify new exfiltration methods. Steganography, for example, whereby a cybercriminal can encode both the initial infection and then the information it wants to steal into the pixel data of images, is largely undetectable. Whether the images are sent out in emails by a malicious insider, a tactic used by Chinese spies stealing turbine information from General Electric, or remotely infected and controlled by a hacker, detecting and protecting against data exfiltration has never been tougher. Indeed, our researchers found that a cybercriminal could complete bypass convention defences and extract as many as 300,000 credit card details in just 50 images. In 2019, we must concede that detect and protect technologies are no longer enough to assure the privacy of data. Instead, developing new prevention solutions, like content threat removal that can completely remove any “hidden information” from coming into or out of an organisation, is the critical next step for the cybersecurity industry.”

2019 is now well under way, and January, thanks in part to Data Privacy Day, has been an opportunity to reflect on the learnings of 2018 when it comes to protecting data. The focus should now be on reviewing existing data privacy and security procedures and ensure they are embedded into every operation and part of the business. Although GDPR has raised the bar, all organisations need to ensure they regularly review and update their data security strategy if they want to remain compliant.

IT ExpertsImage source: Shutterstock/Maksim Kabakou

Read More

Leave A Comment

More News

Latest ITProPortal news

Ryuk ransomware "still going strong" 2019-02-20 11:00:19Multiple groups still using Ryuk to extort money from companies.

Keep your business centre operations running 24/7 with 2019-02-20 08:00:40Reboot to restore solutions help IT admins take a preventive approach to computer management at business centres, thus enhancing the availability and

Microsoft uncovers major hacking attempts against EU organisations 2019-02-20 07:30:44Firms across Europe were hit in the attacks.

Qualcomm unveils most powerful 5G modem 2019-02-20 07:00:06Second-generation X55 modem will hopefully power the first 5G smartphones.

12 billion devices will be internet-connected by 2022 2019-02-20 06:30:28Up to four billion IoT devices will be online soon, Cisco estimates.

UK companies still worried about cyber risks 2019-02-20 06:00:38They fear 5G, but they're willing to invest.

Don’t let the tech takeover: Time rich, mindfulness 2019-02-20 06:00:22With today’s data-driven on-demand economy, we are winning back some of that precious time. But are we getting the most out of it?

The technology trust gap that’s hurting sales efforts 2019-02-20 05:30:02Here are my five key steps to get salespeople onboard with technology projects:

Why hackers love mainframe passwords – and what 2019-02-20 05:00:37Why are IBM’s mainframe customers seemingly reluctant to upgrade their security by incorporating multi-factor authentication?

Reflecting on data privacy for 2019 – Why 2019-02-20 04:30:11Below, six industry experts give their take on why data security needs to be at the heart of operations, and their opinions on what can be done to ens

Shipping on the cusp of a digital wave 2019-02-20 04:00:42Despite its significance, the industry still remains largely untouched by digital transformation and efficiencies it can bring.

Microsoft Surface Go review 2019-02-19 12:19:33An ideal pocket-sized budget work companion, but don't expect anything earth-shattering.

TechRadar: Internet news

The Samsung Galaxy Fold just changed the future 2019-02-20 20:04:54The Fold is too expensive, weird and thick for the mainstream… but this is just the beginning.

Best security camera: keep an eye on your 2019-02-20 19:53:36We've collected together all of the best smart security cameras for keeping your house safe when you're not around.

YouTube TV: Everything you need to know about 2019-02-20 19:42:38Watch out cable, YouTube TV is here to liberate the contract-bound masses. Here's everything you need to know.

Best running headphones 2019: our top 10 choices 2019-02-20 19:17:39From tarmac to trail, the best running headphones will keep your tunes going right up to the finish line.

Best Samsung Galaxy S10e pre-order plans and prices 2019-02-20 19:14:50Samsung's Galaxy S10e is supposedly its more affordable offering, but you can save even more with these plans

Best Samsung Galaxy S10 Plus pre-order plans and 2019-02-20 18:50:12The larger of Samsung's Galaxy S10 phones obviously costs the most, so here's how you can nab it for less.

Samsung's new Galaxy Fit and Fit E are 2019-02-20 18:47:15If you're going to release a fitness tracker these days, you need something exciting... but only the price might attract you.

Best Samsung Galaxy S10 pre-order plans and prices 2019-02-20 18:36:04Samsung's latest flagship will no doubt be its best to date, and here's how you can ensure you get your hands on it.

Remote code execution vulnerability discovered in WordPress 2019-02-20 18:31:48Researchers have discovered a critical flaw that could allow hackers to gain complete control over a user's WordPress blog.

Samsung Galaxy S10 Plus vs Samsung Galaxy Note 2019-02-20 18:20:13The Galaxy S10 Plus has a screen the same size as the Galaxy Note 9, but what else is similar?

Best Samsung Galaxy S10 outright prices in Australia: 2019-02-20 18:14:28Samsung's next flagship series, the Galaxy S10, has been revealed – here's how you can secure your pre-order.

Here's everything that launched at Samsung Unpacked 2019 2019-02-20 17:25:39Samsung just announced a huge number of new devices, so we've rounded up the info you need on them all right here.

TechCrunch » Enterprise

As GE and Amazon move on, Google expands 2019-02-15 13:06:48NYC and Boston were handed huge setbacks this week when Amazon and GE decided to bail on their commitments to build headquarters in the respectiv

Zendesk just hired three former Microsoft, Salesforce and 2019-02-14 17:19:22Today, Zendesk announced it has hired three new executives — Elisabeth Zornes, former general manager of global support for Microsoft Office, as

Peltarion raises $20M for its AI platform 2019-02-14 14:46:30Peltarion, a Swedish startup founded by former execs from companies like Spotify, Skype, King, TrueCaller and Google, today announced that it has rais

AWS announces new bare metal instances for companies 2019-02-14 10:42:36When you think about Infrastructure as a Service, you typically pay for a virtual machine that resides in a multi-tenant environment. That means, it&r

Zoho’s office suite gets smarter 2019-02-14 09:00:17As far as big tech companies go, Zoho is a bit different. Not only has it never taken any venture funding, it also offers more than 40 products that r

Google says it’ll invest $13B in US data 2019-02-13 13:39:30Google today announced that it will invest $13 billion in data centers and offices across the U.S. in 2019. That’s up from $9 billion in investm

Block Kit helps deliver more visually appealing content 2019-02-13 11:03:20Slack has become a critical communications tool for many organizations. One of the things that has driven its rapid success has been the ability to co

Fiverr acquires ClearVoice to double down on content 2019-02-13 08:00:50Fiverr is acquiring ClearVoice, a company that helps customers like Intuit and Carfax find professionals to write promotional content. The two compani

Google and IBM still trying desperately to move 2019-02-12 17:14:57When it comes to the cloud market, there are few known knowns. For instance, we know that AWS is the market leader with around 32 percent of market sh

Donde Search picks up $6.5 million to help 2019-02-12 17:00:23Donde Search has just closed a $6.5 million Series A investment led by Matrix Partners, with participation from previous investors such as senior lead

Glide helps you build mobile apps from a 2019-02-12 11:10:51The founders of Glide, a member of the Y Combinator Winter 2019 class, had a notion that building mobile apps in the enterprise was too hard. They dec

Datadog acquires app testing company Madumbo 2019-02-12 10:00:26Datadog, the popular monitoring and analytics platform, today announced that it has acquired Madumbo, an AI-based application testing platform. &ldquo

Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.