With a new year comes new opportunities for organizations to revamp their approach to cybersecurity. In light of the sensitive data breaches that were rampant in 2021, understanding the patterns of the past might just be the key to unlocking a more secure future.
Spirion’s latest eBook, Data Security & Privacy: What’s in Store for 2022, provides predictions and advice from leading data security and privacy experts to help you prepare for what the data protection landscape may hold in the new year.
Here is a summary of what industry insiders are saying:
Record-breaking data breaches means businesses need to buckle down
It isn’t any stretch of the imagination to see how data breaches have become an omnipresent threat for any public or private sector organization operating today. All one has to do is look at the first 8 months of 2021 compared to all of 2020 to see the relative explosion of data breaches within the last year—which surpassed 2017’s all-time high.
The Identity Theft Resource Center shows that by mid-August of 2021, the number of reported data compromises had exceeded the total number of incidents throughout all of 2020.
The normalization of these breaches is a worrisome trend that will continue into 2022 as the sheer amount of vulnerable data increases from both conventional enterprise data sources and an expanding digital frontier. As a result, employers will need to ensure their teams are better engaged with how they go about practicing cyber-hygiene to avoid the pitfalls that come with handling sensitive information in a remote environment.
Newsflash: data attacks aren’t going away—in fact, they’re probably going to get a lot worse
The hard truth is that hackers and cyberattacks are not likely to go anywhere soon. The sheer number of new players in the digital arena that have no experience with how to mitigate the effects of an attack will only serve to bolster these malicious actors; attacks are likely to grow not just in sheer number, but also in variety and frequency. Last year alone more than a dozen U.S.-based organizations experienced multiple data incidents including LinkedIn, T-Mobile, Walgreens, and Walmart, among others.
“The shift we are starting to see accelerate is organizations experiencing multiple incidents in a single year, and the types of incidents are expanding. This is a direct result of the ever-expanding data universe, accelerated by the global pandemic and the evolving regulations surrounding sensitive data.”
One fear on experts’ minds is that it is possible that many organizations will choose to forego better data privacy for organizational imperatives like revenue growth. While this saves dollars in the short term, the long-term effect of a major breach will negate whatever advantages initially present themselves.
At least 130 different ransomware families were active in 2021.
Data protection legislation: too much or too little?
A point of controversy among industry insiders is the future of data protection legislation. New state and international privacy and data protection laws have had little enforcement in the past, but companies are now facing an urgent need to bring the management of personal data into compliance.
For example, in 2021, California established the nation’s first dedicated Data Protection Authority, which experts predict may influence other states that are also considering data privacy legislation. In addition to the California Privacy Rights Act, the Virginia Consumer Data Protection Act and Colorado Privacy Act will also go into effect on January 1, 2023.
While some organizations are scrambling to catch up to these changes, others are concerned that not enough is being done to protect our data. The recent enforcement of new privacy laws might encourage more companies to comply with regulations than in the past, but not everyone is convinced.
“Far and away, the number one data privacy and compliance priority for companies right now is preparing for the approval of similar legislation to the CPRA. CPRA created a new and relatively broad category of personal information, necessitating a review of what personal information is being collected, used, and shared, as well as how it’s being protected.”
General Counsel, Spirion
So what’s an org to do?
With all the roadblocks and hurdles that industry experts saw in 2021 and are predicting for 2022, are there any steps organizations should be taking to get ahead? In short: yes! We’ve compiled actionable insights and practical advice from high-level advisors that any organization—from large conglomerates to small businesses—can implement to help protect their businesses in 2022.
Download Spirion’s latest eBook, Data Security & Privacy: What’s in Store for 2022, and discover what the top minds in the industry foresee, including:
- Key trends that are set to influence the year ahead
- Top challenges data security and privacy teams are likely to face in 2022
- Expert advice for protecting your business
- How to stay multiple steps ahead of bad actors