Securiti PrivacyOps Named a Leader in The Forrester WaveTMDownload Now
Published on January 12, 2021 AUTHOR - PRIVACY RESEARCH TEAM
Recently Rehan Jalil (CEO of Securiti) appeared on Metis podcast to discuss the state of data privacy and security.. In this podcast, Rehan shared his experience on how organizations tackle opportunities and risks due to data. A short excerpt from the podcast:
While data provides a huge opportunity for organizations to serve their customers in a more meaningful way, it requires organizations to implement and enforce data security and privacy practices to safeguard their customer, employee, vendor or partner information. There are five major challenges for organizations:
In an organization certain data can be classified as “sensitive data”. In order to protect this sensitive data, organizations need to know where the data is held in their systems.
There are 3 major obstacles to discover data:
Once the data has been identified, it needs to be protected. This includes both internal and external threats.
Most data breaches are caused due to unauthorized access. To reduce the risk of breaches, organizations need to ensure that only employees who are authorized to access certain data actually do. In addition, monitoring data activities provides visibility into exfiltration attempts. Studies show that CISOs are more concerned about internal threats than external threats. Internal threats can easily bypass any security controls that may be set in place by the organization to prevent external and unauthorized users from accessing internal data and applications. Organizations that protect data from external threats only, can potentially increase the risk of insider attacks. Organizations need to secure data from an internal user’s perspective and the following framework can be used as a starting point:
Modern privacy regulations give consumers a right to their data. These rights are called Data Subject Rights (DSR) and include the right to access, delete, rectify, object processing, revoke consent and so on. DSRs are a requirement in most privacy regulations. To comply, organizations can use a data-driven & automated approach to DSR management
For more details, listen to this podcast: [https://www.metisstrategy.com/interview/rehan-jalil/]
A Comprehensive Platform
January 15, 2022
If there were any lingering doubts about how seriously Europe takes its users' privacy in 2022, they were put to rest this week. Google & Facebook have been fined a combined €210m (£176m) by the Commission Nationale de...
January 3, 2022
Explaining European Commissions’ GDPR Adequacy Decisions The European Union’s GDPR applies to organizations within and outside the EU where countries that aren’t a part of the EU are regarded as third countries. The GDPR restricts the transfer of...
PO Box 13039,
Coyote CA 95013