
The importance of privacy in your cybersecurity strategy

September 22, 2021 | By: Virtual Guardian

Keeping confidential information secure has always been the responsibility of the cybersecurity team in bigger organizations or, for SMBs, the IT department. While that task has come with its own challenges, digital transformation now brings an additional one: the exposure of personal data, better known as Personally Identifiable Information (PII).

Numerous data breaches have made headlines in the last few years. For many, they were just one piece of news among others until things started hitting close to home. Some of the breaches exposed critical information that could help identify individuals. It ranges from the well-known email and password combo to more critical information such as date of birth, full name, social security number and address.

Once the data breach occurs, all that information becomes available for sale on the Dark Web or sometimes on platforms that are easily accessible to anybody with malicious intent.

At this point, hackers have all the ingredients for fraud and identity theft.

Privacy implies the obligation to get the user’s formal approval along with the purpose of the data collection. That area is where the IT team will need to follow guidance from litigation to ensure the company complies with the legislation in force. The company will need to perform its due diligence in assessing how to communicate with the individuals should an incident occur with their data.

Once again, litigation will be leading this initiative to ensure lawful resolution and communication.


Some companies believe that privacy should not be part of their security objectives because they do not collect any personal information. However, this omits the employees’ PII collected by HR as part of the employment process!

The recent rise of privacy-related regulations has been quite a refreshing trend to witness considering how much personal data is requested and processed by businesses. Let’s do a quick recap of some of them, which are either brand new or updated:

  • The General Data Protection Regulation (GDPR) for the European Union and its citizens
  • The California Consumer Privacy Act (CCPA) for California
  • The New York Privacy Act (under development)
  • Bill C-11, the Canadian Federal Privacy law (under development)
  • Bill 64, the provincial law for Quebec (under development)

For a long time, privacy was deemed solely a legal matter. However, digital transformation quickly brought technology to the forefront of that battle. ESI, alongside your legal team, can assist you on multiple fronts: advice on the management of your confidential data, on compliance with privacy regulations or even on the assessment of your privacy controls.
