Data Privacy Day is coming up on January 28th (or what is called Data Protection Day in Europe). The event was first commemorated back in the early days of the adoption of technology, back in 1981. The inaugural event signalled of the first legally binding international treaty dealing with privacy and data protection.
In this time of mass adoption of technology and digital media content, Data Privacy Day continues to matter. The event aims to raise awareness and promote privacy and data protection best practices.
Ahead of the cyber-event, Matt Sanders, Director of Security at LogRhythm, explains to Digital Journal why the event is of such importance to businesses and consumers – indeed anyone who enters their data into a digital system.
Sanders begins by outlining the importance of the annual event: “Data Privacy Day serves as a reminder for companies to take a step back and evaluate their day-to-day cybersecurity practices.”
This means businesses need to take the event seriously. Sanders advises: “Organizations must do their part in ensuring the valuable information they are entrusted with – including customer, employee, partner and corporate data — remains properly protected.”
The simple reason being, says Sanders, is because “modern day companies run on data, making it critical that security leaders are knowledgeable of, and aligned with, the overall business goals. This enables the company to access and leverage data as needed, while still ensuring its security.”
The need for privacy is captured in a recent survey, which Sanders cites: “According to our 2021 report (“Security and the C-Suite: Making Security Priorities Business Priorities”) based on research conducted by the Ponemon Institute, 93 percent of security leaders do not directly report to the CEO, and only 37 percent of respondents believe their organization values and effectively leverages cybersecurity leaders’ expertise.”
In other words, the corporate world is seemingly, in a large proportion of cases, not taking cybersecurity, data breeches, and data privacy, as importantly as they should in terms of their corporate structures.
Sanders continues: “This significant misalignment is leaving ample room for shortcomings in cybersecurity initiatives that can lead to data breaches. For example, our recent report found that only 49 percent of respondents’ incident response plans account for problems like ransomware, and only 25 percent include guidance on how to handle hackers – two common ways sensitive data can be exposed or compromised.”
In terms of the required business reforms, Sanders recommends: “Security leaders must report directly and regularly to their CEO and board of directors to align business and security priorities and ensure the right security programs are in place. Well-equipped security programs enable the future of the business– keeping data secure while supporting the company’s overall growth and success.”