While data security has been an important topic since the internet’s inception, the issue is experiencing renewed prominence as platforms collect and struggle to secure copious amounts of personal information and prevent cyberthreats at the same time.
The early 2000s were characterized by unprecedented growth and participation in the digital data economy, but the 2010s saw the creeping consequences of this ecosystem. In fact, the number of data breaches per year more than doubled in the past decade. And at the start of a new decade, 2020 exceeded all previous records for data lost in breaches and the astronomical numbers of cyber-attacks on companies, government, and individuals.
As we approach mid-2021, data security appears to only worsening in terms of risk for organizations and it impacts every facet of a company’s business.
Simply put, increased risk alongside rapidly rising costs and customer and regulatory blowback have made data security a critical component for every company in the next decade. Here’s how to begin improving your defensive posture and prevent cyberthreats now.
1. Defend Against Known Threats
Everyone fears the unknown, and when it comes to data security, the unknown can be especially scary. However, while external bad actors are a serious threat to any organization, the most prescient threats actually reside within the company. Insider threats, which include employees, contractors and third parties that have the organization’s trust, are often the primary instigators of data loss events.
According to Verizon’s Data Breach Investigations Report, privileged user misuse and abuse is a prominent vulnerability with many causes. The report finds that “The motives … are predominantly financial in nature, but employees taking sensitive data on the way out to provide themselves with an illegal advantage in their next endeavor are also common.”
Moreover, many employees compromise company data in less malicious but equally devastating ways. In a survey of senior executives, 40% reported that employee negligence and accidental sharing played a prominent role in a data breach. Likewise, employees engaging with external threats like phishing scams complete a trifecta of risk that companies can address by enacting training and oversight over their employees.
Fortunately, companies know their insiders, and they can take steps to prevent these assets from becoming vulnerabilities. As digitalization and remote connections redefine the post-pandemic workforce, employee monitoring software has been deployed for a variety of reasons, but as companies re-organize when, how and where their teams re-engage and return to some semblance of ‘new normal’, this software can be the tool that allows companies to secure their critical information against insider threats regardless of where an insider accesses, uses and manages data.
What’s more, this incredibly capable software can be leveraged to protect company data and prevent cyberthreats without compromising other privacy-minded priorities.
2. Respect Privacy At Every Level
In the next decade, companies won’t just be tasked with securing company data. They will need to rethink and reorient the entire data collection landscape and the data-driven economy that this information fuels.
New regulations are giving both customers and employees control of their personal information like never before, and this places more responsibility on companies to be transparent and clear about what information they collect and how they use it.
The implications of this transition are incredible, and they will require many companies to:
- Develop new business models that account for diminished revenue as customers opt to prevent companies from selling their personal information.
- Restrict the amount of employee data collected as part of monitoring and oversight initiatives.
- Implement protocols for data transparency for all stakeholders.
To be sure, the implications of new privacy regulations will develop with time. But, it’s clear that shifting consumer sentiment and renewed government oversight makes it likely that employees and consumers will see their privacy rights expanded, not contracted, in the years ahead.
3. Communicate & Collaborate With All Stakeholders
Often, the past decade was marked by opaque, broad and unclear data management standards. Moving forward, every company needs to clarify its communication and collaboration process to support a thriving data landscape.
For instance, rather than viewing employees simply as risks to be managed, provide them with training, and engage them in data protection initiatives to transform them into valuable assets in your quest to protect customer and company data.
Companies need to simplify and clarify their data privacy communications. A study by the New York Times found that some statements took exceptionally long to read in their entirety, and they found that many privacy policies require reading ability that exceeds those of doctors and lawyers.
Data has never been at greater risk of being breached, and for this reason, data security will matter more than ever before. Companies have to get control of their data environment to fully succeed in the bold new world that awaits them on the other side of 2021.
Originally published in Forbes