Sharron Reed Gavin, VP Operational Risk and Data Privacy Office at Contrast Security, shares insights on how this can be achieved

79% of U.S. adults report being concerned about the way their data is being used. Illustration: Unsplash

With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business success today would be a massive understatement. From tweaking shipping strategies to delivering more relevant advertising campaigns to customers, businesses are constantly looking for ways to make more data-driven decisions.

But with this access to consumer data comes great responsibility. And unfortunately, in many consumers’ eyes, companies are not doing all they can to make sure that their data is being used securely and with the highest privacy standards in mind.

According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business.

Many companies regularly conduct an assessment of the data collection practices on a regular global level. They seek to understand which privacy laws and regulations apply to the business and follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access and make sure the personal data they collect is processed in a fair manner and only collected for relevant and legitimate purposes.

Prioritize third-party cybersecurity

The new solutions are being oversight by different companies in the Cyber field. Companies that provide any services are also responsible for how they collect and use their consumers’ personal information. And as this past year’s slew of supply chain attacks -- most notably the Kaseya and Accellion breaches -- have shown, third-party breaches can be just as hard-hitting as if cyber companies were attacked directly.

Therefore, there is a rigorous checklist in place to ensure that organizations are taking cybersecurity and data privacy seriously. Here are a few examples of how cyber security company can ensure this:

• Business continuity/disaster recovery plans, that are being tested regularly.

• Hire an external audit firm to perform a compliance review of the operational controls.

• Implement a pre-employment screening policy for employees and contractors.

• Files and records reviewed, retained and purged in accordance with legal requirements, contractual obligations, and service level agreements.

Adopt a privacy framework

Knowing the risks that we are facing in regard to data is pivotal to making sure it is safely maintained and used. However, only 57 percent of businesses conducted a data security risk assessment in 2020. Researching and adopting a privacy framework can help to manage risk and create a culture of privacy by building privacy into the base of the business.

Educate employees

Ongoing training and awareness campaigns for employees are a must for businesses today especially as the digital world becomes more and more driven by remote work. Unfortunately, many businesses are coming up short in terms of their training and awareness efforts. For example, 44 percent of organizations provided no cybersecurity training geared towards remote work for their employees.

Data privacy success hinges on a business’s ability to create a culture that priorities privacy within their organization. Many companies educate their employees about their role and the company's obligations to protecting personal information is central to establishing this type of environment. They educate employees on the company's privacy policy and teach new employees about their role in the privacy culture during the onboarding process.

They also can begin to build on these fundamentals by setting up ongoing training and awareness sessions, establishing fireside chats with leadership around cybersecurity, and building toolkits for employees to refer to on a daily basis.

---

2021 was yet another watershed year in terms of business data use. And 2022 is likely to be another. Therefore, it is imperative that businesses put their best foot forward when it comes to data privacy, and these few steps can help them make significant strides in developing better privacy habits.

Sharron Reed Gavin is VP Operational Risk and Data Privacy Office, Contrast Security.

Contrast Security will participate at the upcoming Cyebrtech Global Tel Aviv, to be held (in person!) between March 1st-3rd, 2022. For additional information, please visit the event’s official website.

Gavin's photo is courtesy of Contrast Security PR.