Rather than be caught off-guard and left to play catch-up, security and IT professionals should begin planning now for the many new and updated regulations, standards and proposed pieces of legislation that will be sweeping over the financial services industry and other sectors in the near future.
The pandemic has accelerated digital transformation for many organizations. Global remote work and increased digital interactions means an exponential growth in digital footprint for individuals, as well as corporations. Having to store, process and move this much data quickly into the cloud and manage the expanded digital footprint requires agility of decision making and security and privacy by design implementation and operation.
On March 15, 2021, the California Attorney General’s office announced that the Office of Administrative Law has approved the Attorney General’s proposed changes to the CCPA regulations. The new regulations make three general changes relating to the right to opt out of sales and one change to authorized agent requests. In addition, the Attorney General’s press release reaffirms that enforcement activities are proceeding.
Employees create content on a daily basis. Much of this content has no long-term value and is not business critical, however, a small percentage is key to running operations. If this data goes missing or falls into the wrong hands due to a ransomware attack, an organization could be severely wounded and could be at the risk of extinction.
Congresswoman Suzan DelBene (WA-01) introduced the Information Transparency and Personal Data Control Act, legislation that would create a national data privacy standard to protect personal information.
ZoomInfo announced the expansion of its privacy team with Bubba Nunnery as Senior Director of Privacy and Public Policy. The privacy team is tasked with delivering one of ZoomInfo’s core missions: providing transparency about how it collects its professional contact data and upholding consumers’ rights to privacy.
Access to clinical applications and medical information in a digital healthcare environment is vital. Yet, careful consideration must be made to ensure data and systems are protected against unintended or malicious activities. Securing infrastructure and applications is essential and security professionals must not forget about the devices that facilitate, segregate and protect the network.
Hybrid work is emerging as a norm, especially for companies who have a mix of workers whose job requires coming into the office, and those who are able to accomplish their work at home. This hybrid workforce is expected to become more prevalent as 75% of workers want to retain flexibility over their schedule beyond the pandemic. To get some insight into how security executives executives can implement consistent security practices for the new hybrid workforce environment, we spoke to Michael Borromeo, Vice President, Data Protection at Stericycle, the provider of Shred-it information security services.
Veritas Technologies revealed new research that highlights the dangers of mis-using instant messaging (IM) and business collaboration tools: 71% of office workers globally – including 68% in the US – admitted to sharing sensitive and business-critical company data using these tools, the survey found.
The new year is upon us, and as such, it is a time to reflect on what worked over the past 12 months, and more importantly, what didn’t work. Organizations all over the world are utilizing applications, operating systems, and IoT devices while their data, and their customer’s data, increasingly lives in the cloud. Organizations should take the beginning of the year as a housekeeping opportunity to assess their systems to set themselves up for success in the new year.
