CIO, Opinion

Tech Industry Professionals Share Their Views and Tips on Data Privacy Day

This Sunday marks the 11th anniversary of Data Privacy Day, which was created to raise awareness and promote the protection of personal privacy and data. The occasion first started in 2008 as an extension of European Data Protection day, which started in 1981 with the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

Despite years of observations and best intentions, millions of people, spanning multiple generations are still dangerously naïve and uninformed about how their personal data is stolen, shared, and used, and the consequences can be severe.

According to a report by Javelin Strategy & Research more than 15 million consumers were victims of identify theft or fraud in 2016, at a price of more than $16 billion. Once the numbers are tallied for year, we’ll no doubt see that number rise.

As we observe Data Privacy Day, we asked several industry professionals for their thoughts on this day and tips they can offer other IT professionals on keeping data safe in 2018.

Neil Barton, CTO, WhereScape
Neil Barton, CTO, WhereScape

Neil Barton, CTO, WhereScape

“With the GDPR deadline of May 25 fast approaching, ensuring data is both identifiable and accessible is no easy feat. Data Privacy Day serves as a reminder about what can be achieved with proactive action to get control of your data before the GDPR deadline. It’s vital that organizations put their data onto the path to compliance now, as fines associated with GDPR will take a toll financially and in reputation.

All data must be easily identifiable and explainable. The only way to ensure effective compliance is to identify where a particular piece of data sits, tag it and track its lineage throughout the environment in order to understand its usage. Additionally, to answer the ‘access upon request’ requirements, data must be stored in a location with extract capabilities, and with the ability to build those extract capabilities quickly.”

Rob Strechay, Senior Vice President of product, Zerto
Rob Strechay, Senior Vice President of product, Zerto

Rob Strechay, Senior Vice President of product, Zerto

“In 2018, it’s becoming impossible to exaggerate the threat that an outdated approach to data protection poses. Recently, we’ve learned of Meltdown and Spectre, two major security flaws in microprocessors of nearly all the world’s computers. Last year, the WannaCry ransomware attack impacted hundreds of countries and the Equifax breach affected more than 145 million consumers.

The attack surface continues to grow as our applications become more front and centerpieces of our businesses. Our data is at risk; hacks and ransomware will continue to become more sophisticated. We can’t blame the targets for the malicious intent of a few, but we can expect for proper plans to be in place when attacks succeed.  In today’s age we need to assume that complex hacks will happen and succeed. This may not be the direct fault of a CEO or CIO, but it is their responsibility to be prepared for the aftermath.” 

Chris Colotti, Field CTO, Tintri
Chris Colotti, Field CTO, Tintri

Chris Colotti, Field CTO, Tintri

“From the threats of malware attacks to the rise in popularity of IoT and smart devices, data is now more vulnerable than ever before. As technology continues to advance, both companies and individuals need to remember the importance of keeping their data and information protected, both in the long and short term. Data Privacy Day is a great reminder of this. In this risky landscape, the key is to establish recovery point and recovery time objectives, which are a vast improvement over traditional backup tapes.

For example, if your proactive security measures fail and your organization experiences a cyber-attack, you can speed up the recovery of data with online and near line snapshots. Being in a position to review snapshots quickly and enhance protection with multi-site replication is no longer a nice to have, but a must have.”

Scott Parker, Senior Product Marketing Manager, Sinequa
Scott Parker, Senior Product Marketing Manager, Sinequa

Scott Parker, Senior Product Marketing Manager, Sinequa

“As enterprise data continues growing at exponential rates, artificial intelligence and machine learning capabilities have emerged as the primary means for enterprises to respond and become Information-Driven. While this evolution raises the efficiency and innovation of organizations and individual employees to unprecedented levels, it also introduces new data privacy risks and regulations.

AI systems now exist that can analyze regulations across the world using multilingual natural language processing capabilities and determine whether a new regulation impacts specific organizations. Furthermore, these systems can identify who within an organization (R&D, legal, sales, marketing, etc.) should be informed and push the relevant information to these people.

With this in mind, we should view data regulations like GDPR not as costly burdens but rather as opportunities to ensure compliance and data privacy while reaping the business benefits of accelerated innovation, increased productivity and optimized customer service.”

Trevor Bidle, Vice President, Information Security and Compliance Officer, US Signal
Trevor Bidle, Vice President, Information Security and Compliance Officer, US Signal

Trevor Bidle, Vice President, Information Security and Compliance Officer, US Signal

“As data across all verticals continues its growth trajectory, so do the many data protection, privacy and security challenges for any IT Team. Data Privacy day presents an ideal opportunity for CTOs, and their teams, to take a close look at their data and determine the best approach for ensuring the ongoing protection of company data.

Many businesses are choosing to engage third parties to outsource traditional IT services. In the face of an evolving regulatory climate, business has recognized the need for a IT Service Provider experienced in Compliance, Data Protection and has the network and infrastructure to create a fully compliant, secure solution allowing for the protection of data.”

Gary Watson, Co-Founder and CTO, Nexsan
Gary Watson, Co-Founder and CTO, Nexsan

Gary Watson, Co-Founder and CTO, Nexsan

“The growth and value of data is constantly increasing, but so is the speed at which its security can be compromised. Considering the high number of ransomware attacks in 2017, this year’s Data Protection Day should aim to refocus our attention on a key solution that prevents an attack from turning into a disaster – archive storage. Organizations that use long-term archive storage solutions as a second line of defense to house and keep data secure can be assured that it provides excellent, cost effective protection from the risks presented by ransomware.”

Craig Hinkley, CEO, WhiteHat Security
Craig Hinkley, CEO, WhiteHat Security

Craig Hinkley, CEO, WhiteHat Security

“There can be no denying that we live in ‘the age of the app’ and the vast majority of organizations and consumers use them every day. With new apps and updates to apps being written and released at an ever-growing rate, errors in the code they are built on can be exploited by attackers, therefore jeopardizing data protection and privacy. Although organizations and IT teams are well aware of network security, adding security to the development cycle can unfortunately be an after-thought. Working with a security mind-set and making it a top priority throughout development is essential to ensuring apps are less susceptible to attacks.”

“The next wave of security is adopting a DevSecOps approach, which encourages collaboration between development, operations and security teams to elevate security as a priority throughout build and release cycles. More secure apps mean more secure data and privacy, and all of this adds up to helping us all live a safe digital life.”