How much information do you personally share or store digitally? What about the company you run or work for? The world is going digital at breakneck speed, which is why this Data Privacy Day we are aiming to increase your awareness of privacy and data protection issues your organization may be facing.
As companies race to implement new technologies, invest in innovation and digitize their data management systems, they are neglecting to commit time and resources to adopt a proactive cybersecurity strategy. Due to the increase in recent years of high-profile cybersecurity breaches, governments have started to introduce regulatory changes such as the Personal Information and Electronic Documents Act in Canada and the General Data Protection Regulation in Europe. Businesses need to keep up with this ever-evolving landscape.
Cybersecurity is often misunderstood, not just by the public but by corporate executives. Do you know what your most valuable digital assets are? It’s not always as obvious as credit card information or SIN numbers. The bread and butter for cyber criminals are:
- Customers’ personal identifiable information and passwords
- Financial information and strategic plans
- Senior executives’ and board members’ personal data
Data that may seem harmless like phone numbers or email addresses can be used by cyber criminals for further hacking and scamming. According to the EY’s Global Information Security Survey, 64% of companies confirmed they have either no data protection program or only an informal plan, meaning that confidential documents are low-hanging fruit for cyber pirates.
Knowing what data cyber criminals are looking for is a great first step in developing your cybersecurity and privacy plan. Some simple strategies in developing your own plan are to identify your organization’s greatest risk, greatest assets, execute a threat risk assessment and plan for all cyber attack scenarios that might affect your organization.
The cybersecurity world is ever morphing and evolving and there is no one-size-fits-all solution, but with proper understanding of your corporation’s needs and risks, the right cybersecurity and privacy program can be tailored.
This blog post was written by Carlos Perez Chalico, EY Canada’s Cybersecurity and Privacy Leader for Private Client Services.