With cybersecurity awareness being a primary topic for security leaders, Data Privacy Week (January 24-28) is a good time to reflect on the importance of data protection and privacy against rising cyberattacks. According to a Pew Research Center Study, nearly 79% of U.S. adults reported concerns about how organizations are using their data. And 81% of them feel they have little to no control over data being collected by companies.
By Rudra Srinivas, Senior Feature Writer, CISO MAG
Targeted data breaches have surged exponentially after peddling stolen data on dark web forums became a lucrative revenue model for cybercriminals. Most users are unaware of how their sensitive data is collected, used, or shared in the current digital world. Not only companies, but it is also the responsibility of users to know where their sensitive data is going, and how to protect it against misuse.
Data Privacy Week
Data Privacy Day observes the first legally binding international treaty dealing with privacy and data protection, signed on January 28, 1981. The day is recognized every year on January 28 in the U.S., Canada, and Europe. In 2022, National Cybersecurity Alliance (NCA) has expanded the Data Privacy Day campaign into Data Privacy Week, which is observed from January 24 to 28. The Data Privacy Week helps spread data privacy awareness and alerts users on protecting their information online.
3 Ps to Enhance Your Data Privacy Online
One cannot become cyber-aware overnight, but practicing certain security measures will help prevent most security risks online.
Users’ sensitive information is like money for threat actors. Personal data like usernames, passwords, geolocation, purchase history, IP address, full names, birthdates, and banking details have a huge demand on darknet forums, where hackers often trade stolen data. Following cyber hygiene practices like keeping strong passwords to all your online accounts and limiting your personal data available online will eventually enhance your data privacy. Own your data privacy by securely deciding whether to share or not to share your data with all service providers online.
Threat actors often exploit/compromise targeted devices to steal sensitive information. Recently, security researchers from Doctor Web discovered a new Trojan that infected over 9.3 million Android devices. The Trojan, dubbed “Android.Cynos.7.origin,” is a new kind of malware that disguises itself as a legitimate app and steals information from a victim’s device, such as contact details, and displays unwanted ads.
Device protection is imperative for users and organizations as hackers leverage various malicious or Trojanized applications to penetrate network systems and steal personal data. To protect your data and prevent unauthorized intrusions you should regularly update your devices and fix any unpatched vulnerabilities.
Ignoring unwanted emails and texts from unknown sources will help prevent hacker intrusions. Several cybercriminal campaigns leverage different kinds of phishing lures and social engineering tactics to trick unwitting users into downloading malware.
As we head into Data Privacy Week, it’s the right time for users and organizations to evaluate their security measures and boost the overall cybersecurity posture.
What the Experts Say…
Commenting on the significance of Data Privacy Day with CISO MAG, Keith Neilson, Technical Evangelist at CloudSphere, said, “In the U.S. alone, there are several disparate federal and state laws, some of which only regulate specific types of data – like credit or health data, or specific populations – like children. Combining these regulations with the many different international laws that aim to ensure data privacy, such as GDPR, and compliance for companies with global operations becomes an extremely complex undertaking.
Data Privacy Day serves as a reminder that cyber asset management should be a top priority for every organization. Enterprises cannot ensure compliance and data security unless all assets are properly known, tagged, and mapped in the cloud. To avoid jeopardizing sensitive company or customer data, organizations must take the first step of cyber asset management to secure visibility of all cyber assets in their IT environment and understand connections between business services. This includes identifying misconfigurations and automatically prioritizing risks to improve overall security posture, allowing for real-time visibility and management of all sensitive data.”
About the Author
Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends.
More from the Rudra.