• About
  • Subscribe
  • Contact
Thursday, June 5, 2025
    Login
FutureCISO
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
No Result
View All Result
FutureCISO
No Result
View All Result
Home Resources Blogs

Data privacy in 2023: more action, less talk

allantan by allantan
February 14, 2023

Photo by Markus Winkler: https://www.pexels.com/photo/close-up-photo-of-a-paper-on-a-vintage-typewriter-4152513/

Share on FacebookShare on Twitter

28 January 2023 is Data Privacy Day – “an international effort to create awareness about the importance of respective privacy, safeguarding data, and enabling trust.” The Council of Europe marks 28 January as Data Protection Day marking Convention 108, when the Council’s data protection convention was opened for signature.

Jennifer Huddleston

Jennifer Huddleston, technology policy research fellow with the CATO Institute, opines: “The policy debate over data privacy may be less prominent in headlines than other tech policy topics, but it remains critically important to both innovators and consumers.”

Brian Spanswick, global CISO and head of IT at Cohesity says World Data Privacy Day is an excellent opportunity for citizens and organisations to take stock of their data management and security practices: namely, who is trusted to manage that data?

He goes on to suggest asking questions like: How is my data stored? Is it secured? Can it be recovered if attacked? Is the data encrypted in transit and at rest, and is your data backup immutable?

“By asking these questions you will be able to identify where gaps exist and areas that need to be addressed,” he posited.

What regulation has significantly impacted how organisations engage their employees, partners, suppliers and customers since 2020?

Acronis’ senior technology director, Alexander Ivanyuk, says since its enforcement after 2018, GDPR has been felt as more penalties get doled out. He said similar local/national efforts are starting to take shape.

He cited amendments to safeguard personal data better in Singapore’s Personal Data Protection Act 2012. “It really depends on what kind of data you work with and where your customers may reside or which country they belong to,” he added.

For his part, Garrett O’Hara, chief field technologist at Mimecast, noted that across Asia-Pacific several countries have been initiating different data privacy laws and regulations.

“Different markets have their own flavour, unique requirements, and objectives. Key regulations which have created an impact include Hong Kong’s Personal Data (Privacy) Amendment Ordinance 2021 which aims to combat doxxing acts that are intrusive to personal data privacy,” he added.

Related:  Hong Kong 2025: Cyber defence meets insurance innovation

How should organisations align their data privacy policies as they move to (1) deepen customer engagement, and (2) enhance employee engagement?

O’Hara pointed out that with data privacy laws establishing higher standards for how organisations manage information, it has become increasingly important for them to ensure that the data which they collect, process, use and store about individuals have their explicit consent.

Garrett O'Hara

“Organisations need to respond quickly to inquiries from individuals about their personal information and be able to eliminate it if requested. They should implement data privacy solutions, like cloud-based email management services, to achieve a granular level of data privacy management.”

Garrett O’Hara

He added that data privacy regulations have been incredibly important in improving data protection standards, and organisations need to ensure they are compliant and have all the processes, tools, and systems in place to always work protected and better manage all the data they collect and store.

“By doing so, organisations can build and maintain high levels of trust that can improve their relationship with customers and employees,” he continued.

Ivanyuk suggests taking GDPR requirements as the rule of thumb and applying them to internal and external people.

“Always remember that different counties have slightly different regulations and if you work globally they may affect you. It is always good to double-check that,” he opined.

What are your top priorities in 2023 around data privacy protection?

According to Ivanyuk, Acronis is finishing the transition to zero trust access to corporate resources and data. This is an additional useful layer of protection that minimizes potential issues with private data.

Alexander Ivanyuk

“Externally, we continue to enhance our Cyber Protect proposition, and its Advanced DLP pack in particular to offer more features and instruments for granular yet easy work with confidential data, including PII and similar private information.”

Alexander Ivanyuk

“We continue to work on smaller local compliance regulations adding these to those major ones already achieved in the European Union, the US, and other major markets,” he added.

Related:  2023 physical security budgets on par with 2022, says Omdia

Garrett revealed that Mimecast is expanding its understanding of privacy beyond a limited programmatic focus on regulatory compliance, rather than seeing it from the customer’s point of view as important.

“Refining email management is essential as emails play an important role in privacy compliance with email marketing getting a significant amount of attention for collecting, storing, and using consumer data, and for requiring opt-ins and enabling opt-outs.

“Also, having privacy regulations that give consumers the right to data subject requests, will allow them to access, correct or delete the data that companies have about them,” he continued.

How do you intend to achieve these priorities?

O’Hara acknowledges that for businesses that operate globally, compliance with consumer privacy regulations is essential and meeting customer expectations on how their data is used is key.

“Building a more robust data privacy strategy is crucial and this can start with product design and evolve to touch all areas of the business where privacy and customer data interconnect.

“Mimecast focuses on this strategic approach which proves to be a competitive differentiator putting customer privacy front and centre in the user experience and giving consumers clear choices about data sharing,” he concluded.

For Ivanyuk, he conceded that the strategy involves well-planned work with proper resource allocation and tough but achievable deadlines.

Spanwick admonishes organisations to prioritise the adoption of technology platforms that help them protect, secure and recover their data regardless of whether it’s stored in an on-premises, hybrid, or multi-cloud environment.

Brian Spanswick

“Don’t let World Privacy Day be another day where managing and securing your data is pushed to be a problem for tomorrow, instead start reviewing where, what, and whom you trust with keeping your data safe possible."

Brian Spanswick
Tags: AcronisCohesitydata privacyGDPRMimecast
allantan

allantan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Platform to enhance software development security
  • Check Point launches enhanced branch office security gateways
  • BarracudaOne to offer a unified approach to cybersecurity
  • AI agents present new security challenges in Southeast Asia
  • Red Hat launches Enterprise Linux 10 for hybrid security

Categories

  • Blogs
  • Compliance and Governance
  • Culture and Behaviour
  • Cybersecurity careers
  • Data Protection
  • Endpoint Security
  • Incident Response
  • Network Security
  • People
  • Process
  • Resources
  • Risk Management
  • Technology
  • Training and awarenes
  • Videos
  • Webinars and PodChats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCISO serves the interests of the Chief Information Security Officer (CISO) and the information security profession. Its purpose is to provide relevant and timely industry insights around all things important to security professionals and organisations that recognize and value the importance of protecting the organisation’s data and its customers’ privacy.

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • People
  • Process
  • Technology
  • Resources
    • White Papers
    • PodChats
Login

Copyright © 2024 Cxociety Pte Ltd | Designed by Pixl