drj logo
  • This field is for validation purposes and should be left unchanged.

Already have an account? Log in

drj logo

Welcome to DRJ

Already registered user? Please login here

Login Form

Register
Forgot password? Click here to reset

Create new account
(it's completely free). Subscribe

Skip to content
Disaster Recovery Journal
  • EN ESPAÑOL
  • SIGN IN
  • SUBSCRIBE
  • THE JOURNAL
    • Digital Edition
    • Article Submission
    • DRJ Annual Resource Directories
    • Article Archives
    • Career Spotlight
  • EVENTS
    • DRJ Spring 2023
    • DRJ Fall 2023
    • Call for Papers – Fall 2023
    • Other Industry Events
    • Schedule & Archive
  • WEBINARS
    • Upcoming Webinars
    • On Demand
  • MENTOR PROGRAM
  • DRJ ACADEMY
    • DRJ Academy
    • Beginner’s Guide to BC
  • RESOURCES
    • New to Business Continuity?
    • White Papers
    • DR Rules and Regs
    • Planning Groups
    • Business Directory
    • Business Resilience Decoded
    • DRJ Glossary of Business Continuity Terms
    • Careers
  • ABOUT
    • Advertise with DRJ
    • DE&I
    • Board and Committees
      • Executive Council Members
      • Editorial Advisory Board
      • Career Development Committee
      • Glossary Committee
      • Rules and Regulations Committee
  • Podcast

Data Privacy Day: Why You Can’t Have Privacy Without Protection

by Jon Seals | January 27, 2023 | | 0 comments

In 2022 alone, there were over 1,800 data compromises. According to the Identity Theft Resource Center’s 2022 Data Breach Report, the number of people affected by data breaches jumped 40% from 2021 to 2022 to affect 422.1 million people. 

In order to comply with data privacy regulations, it’s become critical for organizations to prioritize data protection. 

Here are a few comments from data privacy and protection experts in the field:

Amit Shaked, CEO and co-founder, Laminar

“As the world celebrates Data Privacy Day, it’s important to remember that there is no data privacy without data protection. 

This problem is becoming more acute as organizations adopt hybrid cloud infrastructures without ensuring effective security, privacy and governance for the data stored across vendors and clouds. Two statistics paint the story. Two-thirds (66%) of organizations store between 21%-60% of their sensitive data in the cloud and nearly half (45%) experienced a cloud-based data breach or failed audit in the last 12 months. 

IT and security teams risk exposing customers and losing intellectual property, strategic advantage, and revenues if they don’t shore up data protection as well as data privacy. Fortunately, by adopting cloud-native data security platforms, these teams can regain visibility into – and control over – their valuable data and keep it private and protected. Using a cloud data security platform provides autonomous and continuous discovery, classification, monitoring and protection of all data stored and used across platforms like AWS, Microsoft Azure, Google Cloud, and Snowflake.” 

Justin McCarthy, co-founder and CTO, StrongDM 

“Data Privacy Day is the perfect opportunity to take a step back and consider your data privacy initiatives holistically. That means asking yourself questions like, ‘are we maintaining the highest standards of data privacy?’ ‘are we taking the right steps to protect data against data leaks?’ ‘have we done our due diligence to ensure that unauthorized access–whether from internal or external individuals–is prevented?’

For example, you’ve set up data classifications. You’ve determined who needs access.  

But are you validating that credentials have not been put into code? Do you have credentials sitting in your repos that might not have the same level of access scrutiny as admins or privileged users? Is production data going into dev or staging environments that have loose access oversight? How long would it take for you to determine all the people who have had the ability to access a database, who accessed it, and what they did? Can you even do that? 

Data privacy also means protecting how data is accessed, and data privacy initiatives must also account for that. That means ensuring that only authorized users have secure access to sensitive data and systems, and that you’re moving towards just-in-time access or Zero Standing Privileges–across network resources, provisioning and deprovisioning, and especially for temporary users that have access to sensitive information. All of this requires fine-grained observability and auditability across all your systems.”

Matt Rider, VP of Security Engineering EMEA at Exabeam:

“Today, data protection is inextricably entwined with cybersecurity. With the average number of attacks per organisation worldwide reaching over 1,130 weekly in Q3 2022, sensitive personal data has never been more at risk. And, while cybersecurity typically focuses on keeping systems secure against attacks, data protection has a vital part to play. It brings together efforts from across an organisation to ensure that data is kept safe as well as compliant with the latest regulations – regulations which take centre stage in the event of a successful cyber attack, bringing us back to cybersecurity.

Part of having strong data protection measures in place involves knowing where your data is stored and who is accessing it at any given time. IT teams can use tools such as User and Entity Behaviour Analytics (UEBA) to monitor these patterns and learn what a normal day looks like for their organization when it comes to the data flowing within it. If access is attempted by a malicious actor – whether internal or external – the IT team can be alerted to this anomaly and work quickly to shut down systems and prevent the attacker from digging any deeper. This can be further supported by employees being aware of and following the latest data protection best practices, which makes it easier for the IT team to spot any unexpected behavior. 

“Data protection and cybersecurity – you can’t have one without the other. So, when considering how to bolster your cybersecurity defenses, make sure that data protection is top of mind, otherwise, you’re leaving an open goal for any skilled attackers taking advantage of a blindspot.”

Related Content

  1. Disaster Recovery Journal
    Think before you buy: 11 considerations to make before purchasing a data protection solution
  2. How Today’s Data Centers Can Do a Better Job Monitoring Power and Power Quality
  3. Disaster Recovery Journal
    The Value Of Data

Recent Posts

CORRECTING and REPLACING World’s Leading Customer Data Platform Adobe Real-Time CDP Debuts Industry-First Innovations

March 27, 2023

Berry Global Announces Consideration for and Upsizing of Tender Offer for 0.95% First Priority Senior Secured Notes due 2024

March 27, 2023

Allegion to Host 2023 ‘Investor & Analyst Day’

March 27, 2023

TransLogic™ Tube Systems are Made in the USA

March 27, 2023

Highline celebrates with Upson County for Broadband Deployment!

March 27, 2023

E2open to Report Fiscal 2023 Fourth Quarter and Full Year Results

March 27, 2023

Archives

  • March 2023 (1066)
  • February 2023 (1154)
  • January 2023 (1391)
  • December 2022 (1144)
  • November 2022 (1595)
  • October 2022 (1574)
  • September 2022 (1571)
  • August 2022 (1581)
  • July 2022 (1365)
  • June 2022 (1711)
  • May 2022 (1651)
  • April 2022 (1618)
  • March 2022 (1924)
  • February 2022 (1549)
  • January 2022 (1472)
  • December 2021 (1446)
  • November 2021 (1835)
  • October 2021 (1777)
  • September 2021 (1697)
  • August 2021 (1661)
  • July 2021 (1566)
  • June 2021 (1768)
  • May 2021 (1666)
  • April 2021 (1798)
  • March 2021 (1907)
  • February 2021 (1038)
  • January 2021 (554)
  • December 2020 (30)
  • November 2020 (35)
  • October 2020 (48)
  • September 2020 (57)
  • August 2020 (52)
  • July 2020 (40)
  • June 2020 (72)
  • May 2020 (46)
  • April 2020 (59)
  • March 2020 (46)
  • February 2020 (28)
  • January 2020 (36)
  • December 2019 (22)
  • November 2019 (11)
  • October 2019 (36)
  • September 2019 (44)
  • August 2019 (77)
  • July 2019 (117)
  • June 2019 (106)
  • May 2019 (49)
  • April 2019 (47)
  • March 2019 (24)
  • February 2019 (37)
  • January 2019 (12)
  • ARTICLES & NEWS

    • Business Continuity
    • Disaster Recovery
    • Crisis Management & Communications
    • Risk Management
    • Article Archives
    • Industry News

    THE JOURNAL

    • Digital Edition
    • Advertising & Media Kit
    • Submit an Article
    • Career Spotlight

    RESOURCES

    • White Papers
    • Rules & Regulations
    • FAQs
    • Glossary of Terms
    • Industry Groups
    • Business & Resource Directory
    • Business Resilience Decoded
    • Careers

    EVENTS

    • Spring 2023

    WEBINARS

    • Watch Now
    • Upcoming

    CONTACT

    • Article Submission
    • Media Kit
    • Contact Us

    ABOUT DRJ

    Disaster Recovery Journal is the industry’s largest resource for business continuity, disaster recovery, crisis management, and risk management, reaching a global network of more than 138,000 professionals. Offering weekly webinars, the latest industry news, rules and regulations, podcasts, the industry’s only official mentoring program, a quarterly magazine, and two annual live conferences, DRJ is leading the way to keep professionals up-to-date and connected in an ever-changing world.

    LEARN MORE

    TWITTER

    Disaster Recovery Journal is the leading publication/event covering business continuity/disaster recovery.

    Follow us for daily updates @drjournal

    Newsletter

    The Journal, right in your inbox.

    Be informed and stay connected by getting the latest in news, events, webinars and whitepapers on Business Continuity and Disaster Recovery.

    Subscribe Now
    Copyright 2023 Disater Recovery Journal
    • Terms of Use
    • Privacy Policy