In the world of digital acceleration, most businesses have moved from co-location to cloud solutions. Organizations have a vast quantity of data at their disposal, and it is the onus of the organization to safeguard the data and ensure data privacy.
A data privacy survey by McKinsey & Co invited 1,000 customers to rank industries based on trust and data protection. Of those, 44% chose healthcare and financial services as the most trusted sector. On the other hand, government, media, and entertainment are the least trusted with a mark of 10-11%. However, in hindsight, less than half of the respondents trust doctors and banks with keeping their data safe.
Organizations that implement careful protection of their data stand out in gaining confidence and trust among customers over their competition. On the contrary, when an organization suffers a security breach, the business quickly starts losing its customers. Such breaches not only lead to financial losses but also greatly impede reputation and customer trust. Nine out of ten people are more loyal to the companies when they can place their trust.
According to an article by HelpNet Security, 83% of consumers say that they will pause their spending on a business post a security breach for several months and around 21% of consumers claim to not return to the business at all.
With privacy breaches at an all-time high, organizations need to understand the broader concerns of a data breach which includes fines, lawsuits, customer mistrust, loss of revenue, and reputation. Hence, protecting the data from unlawful access by unauthorized parties is not only important for the bottom line but also for the customers.
Organizations need to ensure cyber resiliency to secure themselves from security breaches and cyber-attacks. Cyber resiliency plays a crucial role in embracing digital transformation of enterprises and maintaining business continuity. Enterprises require intelligent solutions to be resilient against cybercrimes and breaches by activating security walls, detecting active and potential threats, securing data and applications, and protecting identities.
Holistic approach towards data security
Organizations must look at adopting a holistic, analytics-driven approach to privacy -- securing identities, application, and data.
- Identities: Over the years with the evolution of the Internet of Things (IoT) and the increase in connected devices, identities have evolved beyond heartbeats. Proper identity and access management is a major concern to be addressed. Businesses need to evaluate information, its access to privileged parties, and the way their privileges are being managed.
- Application: With the dawn of the national lockdown last year, people started relying heavily on applications for work, entertainment, and education. According to a report by App Annie, consumers have spent a record of $28 billion in applications in Q3 of 2020. This became the golden lure for hackers to steal sensitive data and use them for the dark web or other illicit motives. Businesses must be able to find the breaches in all types of applications – premises or cloud, have a strategic course of action to resolve the vulnerability, and practice fast security testing to protect all applications to be deployed.
- Data: Organizations need to have a comprehensive data discovery solution to have knowledge of all the data at their disposal. However, only having knowledge of the sensitive data and its dwelling will not be enough to protect it. A business is surrounded by cyber attackers and neither its external nor internal environment can be completely trusted with the data environment. To combat this, organizations need to protect their data by implementing data-centric privacy and protection programmes that allows encryption at the data level. This ensures that sensitive data is protected throughout the data lifecycle while still allowing data to be moved around the organization for processing and analysis in a secured manner.
Being privacy aware
Cyber threats are on the rise with unforeseen risks and breaches leading to increased demand for privacy and compliance requirements. Information security vendors offer strong point solutions.
However, only a few vendors can assure security professionals on protection against breaches, privacy defiance of individuals and their data, and compliance with regulatory and jurisdictional regulations -- at scale, with ease, awareness, and trust.
It is crucial for an organization to have a holistic blueprint of the solutions required to address the need to access and analyze data, deliver value to customers, and integrate security and protection seamlessly and efficiently into the business.
For every business, security must be the core of all activity. Taking data privacy seriously and enveloping the business with a security blanket is the path to enable organizations to adapt and develop for the future.
Praveen Patil Kulkarni
Praveen Patil Kulkarni is country manager, security, risk & governance at Micro Focus, India. The views in this article are his own.