Skip to main content

The NCSA expands annual Data Privacy Day into Data Privacy Week

Even in a society so heavily reliant on the internet, millions of people remain ignorant of who has access to their personal information on the web–and what can be done with that information. This year, the National Cybersecurity Alliance (NCSA) has expanded its annual Data Privacy Day into Data Privacy Week. The event runs from January 24-28 and works to raise more awareness and help people protect themselves online as well as hold businesses accountable when it comes to respecting user personal data. 

According to our 2021 report based on research conducted by the Ponemon Institute, 93% of security leaders do not directly report to the CEO, and only 37% of respondents believe their organization values and effectively leverages cybersecurity leaders’ expertise,” said Matt Sanders, director of security at LogRhythm. “This significant misalignment is leaving ample room for shortcomings in cybersecurity initiatives that can lead to data breaches… 49% of respondents’ incident response plans account for problems like ransomware, and only 25% include guidance on how to handle hackers – two common ways sensitive data can be exposed or compromised.”

Sanders believes that this issue can be resolved if security leaders reported directly to their CEO and board of directors in order to better align business practices with security priorities. “Well-equipped security programs enable the future of the business– keeping data secure while supporting the company’s overall growth and success,” he said.

For this year’s Data Privacy Week, the NCSA offered a few recommendations to better protect user personal data. First, they say it is important to understand the tradeoff between privacy and convenience. They advise users to be extremely mindful of what they are sharing versus what they are getting in return. 

In its  post about Data Privacy Week, the NCSA wrote, “Be thoughtful about who gets that information and wary of apps or services that require access to information that is not required or relevant for the services they are offering. Delete unused apps on your internet-connected devices and keep others secure by performing updates.”

Additionally, the NCSA said that users can help protect their personal data by proactively checking and managing the privacy settings on web services and apps to ensure that they are set to an appropriate level. With this, they also advise internet users to create unique and difficult to guess passwords and storing them in a password manager.

In the post, the NCSA also spoke about other ways that users can protect their personal information, writing, “Add another layer of security by enabling multi-factor authentication (MFA) wherever possible, especially on accounts with sensitive information. MFA has been found to block 99.9% of automated attacks when enabled and can ensure your data is protected, even in the event of a data breach.”

According to Rob Price, principal expert solution consultant at Snow Software, the way data privacy is perceived has shifted with the introduction of cloud-based technology. “A common misconception is that if your data is offsite or cloud-based it’s not your problem – but that is not true because the cloud is not a data management system,” he said. 

Price went on to explain that data privacy and the protection of personal user information is the responsibility of every employee within the organization, whether or not that data is stored in the cloud. “This is especially true when it comes to data retention… Once their data retention period ends, organizations should get rid of excess data they no longer need, because it quickly becomes a liability as well an unneeded expense,” he explained. 

The NCSA also emphasized the importance of organizations respecting and being mindful of the personal data they are in possession of. Their main advice for companies is to remain transparent about what you are collecting and for what reason. According to the NCSA, being open with consumers about their data will lead to enhanced trust and overall growth in the business. 

Additionally, they say that when it comes to protecting personal user data, it is essential to conduct assessments and analyze what is being collected and how. “Whether you operate locally, nationally, or globally… Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access and make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes,” their post read.

Another tip NCSA gave to businesses is to adopt a primacy framework. This works to manage risk and create a culture of privacy throughout the entire organization. They cited NIST Privacy Framework, AICPA Privacy Management Framework, and ISO/IEC 27701-International Standard for Privacy Information Management as good options to start with. 

NCSA also stressed the importance of employee education around data privacy when it comes to creating and maintaining a culture of privacy. According to NCSA, this education is most effective when it is started during the hiring and onboarding process. “Engage staff by asking them to consider how privacy and data security applies to the work they do on a daily basis,” the NCSA said.

 

The post The NCSA expands annual Data Privacy Day into Data Privacy Week appeared first on SD Times.



from SD Times https://ift.tt/3ILjJNL

Comments

Popular posts from this blog

Difference between Web Designer and Web Developer Neeraj Mishra The Crazy Programmer

Have you ever wondered about the distinctions between web developers’ and web designers’ duties and obligations? You’re not alone! Many people have trouble distinguishing between these two. Although they collaborate to publish new websites on the internet, web developers and web designers play very different roles. To put these job possibilities into perspective, consider the construction of a house. To create a vision for the house, including the visual components, the space planning and layout, the materials, and the overall appearance and sense of the space, you need an architect. That said, to translate an idea into a building, you need construction professionals to take those architectural drawings and put them into practice. Image Source In a similar vein, web development and design work together to create websites. Let’s examine the major responsibilities and distinctions between web developers and web designers. Let’s get going, shall we? What Does a Web Designer Do?

A guide to data integration tools

CData Software is a leader in data access and connectivity solutions. It specializes in the development of data drivers and data access technologies for real-time access to online or on-premise applications, databases and web APIs. The company is focused on bringing data connectivity capabilities natively into tools organizations already use. It also features ETL/ELT solutions, enterprise connectors, and data visualization. Matillion ’s data transformation software empowers customers to extract data from a wide number of sources, load it into their chosen cloud data warehouse (CDW) and transform that data from its siloed source state, into analytics-ready insights – prepared for advanced analytics, machine learning, and artificial intelligence use cases. Only Matillion is purpose-built for Snowflake, Amazon Redshift, Google BigQuery, and Microsoft Azure, enabling businesses to achieve new levels of simplicity, speed, scale, and savings. Trusted by companies of all sizes to meet

2022: The year of hybrid work

Remote work was once considered a luxury to many, but in 2020, it became a necessity for a large portion of the workforce, as the scary and unknown COVID-19 virus sickened and even took the lives of so many people around the world.  Some workers were able to thrive in a remote setting, while others felt isolated and struggled to keep up a balance between their work and home lives. Last year saw the availability of life-saving vaccines, so companies were able to start having the conversation about what to do next. Should they keep everyone remote? Should they go back to working in the office full time? Or should they do something in between? Enter hybrid work, which offers a mix of the two. A Fall 2021 study conducted by Google revealed that over 75% of survey respondents expect hybrid work to become a standard practice within their organization within the next three years.  Thus, two years after the world abruptly shifted to widespread adoption of remote work, we are declaring 20