First signed into law in June 2018, the California Consumer Privacy Act (CCPA) went into effect on New Year’s Day, giving consumers new rights to access their data, request that it be deleted and opt-out of it being sold. You may have already noticed the buttons or links that say “Do Not Sell My Personal Information” at the bottom of the websites you visit.
Also this month is the National Cybersecurity Alliance’s Data Privacy Day, an international effort held annually on January 28th to create awareness about the importance of respecting privacy, safeguarding data and enabling trust. According to the organization, “millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society. Data Privacy Day aims to inspire dialogue and empower individuals and companies to take action.” CCPA, GDPR and other pending legislative initiatives are making the mission of this day more important and relevant than ever.
Many technology and cybersecurity journalists have been dedicated to ensuring widespread understanding of this new legislation, both in terms of what it means for consumers and the changes organizations will make in how they handle customer data. Some of our go-to resources include:
- Natasha Singer, The New York Times: “What Does California’s New Data Privacy Law Mean? Nobody Agrees”
- Karl Bode, Motherboard: “What California’s New Privacy Law Means for You”
- Maria Korolov, CSO: “California Consumer Privacy Act (CCPA): What you need to know to be compliant”
Additionally, as PR professionals, we have been working diligently with our security clients to ensure they are communicating to existing and potential customers exactly how their solutions can help them remain compliant with these rules and regulations.
RELATED: Heading to RSA 2020? Check out the Security Never Sleeps Luncheon
It’s Time to Change How We Think About Data Security
Consumers now have control over their data and enterprises are being held accountable for the safety of customer data with the threat of hefty fines constantly looming. Consequently, data security is now everyone’s responsibility – from the interns to the CEO – all parties must be vigilant when it comes to data security and as cyberthreats evolve, so to must the enterprise cybersecurity strategy. While consumers now have more say in how their data is used, they have proven to be unreliable stewards of their data and at the end of the day, it is the enterprise’s brand reputation and revenue that is on the line when a breach happens.
Enterprises need to rethink their data security strategy – that much is clear, but what exactly needs to change? What do enterprises need to do differently to stand a chance against cyber-adversaries?
During RSA Conference, 10Fold will be hosting its 10th annual Security Never Sleeps event on Wednesday, February 26th. The event will bring together CISOs and Chief Risk Officers to discuss the critical challenges in data security, how enterprises are responding to new legislation and more. To learn more about Security Never Sleeps and register to attend, visit: https://10fold.com/events/security-never-sleeps-2020/