On Our Radar: May 31, 2019
Another month over, and privacy concerns continue to find their way into the headlines. Privacy as a fundamental right, and data protection as a concept, have entered public awareness for good, and we see that reflected in the major news coverage of our profession, well beyond industry publications. The public is gaining a more sophisticated understanding of privacy protection measures, and getting savvy about identifying the organizations that can – or cannot – be entrusted with their data.
Take a look at the stories below – all articles sparked conversations among the admittedly privacy-obsessed employees of RADAR, but are also articles found in major news outlets, intended for wide public consumption. As Mahmood wrote earlier this week in the IAPP Privacy Advisor, “in the past, we may have gone unnoticed, but we’ve always been here, industrious and heads down as we plug away at our work. As the world began to evolve, and privacy concerns gained notoriety in the public sphere, suddenly the media, our legislators, and even our own boards are interested in the work we do.”
- A recent study found that 23% of companies “experienced a cyber-attack caused by a third party’s unsecured IoT devices in the last year.” These findings outline the importance of conducting vendor due diligence before entering into agreements with new vendors.
- Here’s an example of the consequences of poorly addressed data breaches, beyond regulatory fines, attributing a dip in stock prices to concerns that a security flaw allowed unauthorized access to more than 885M records related to mortgage deals.
- According to the Verizon 2019 Data Breach Investigations Report, “18% of people who clicked on test phishing links did so on mobile devices. Research shows mobile users are more susceptible to phishing, probably because of their user interfaces and other factors. This is also the case for email-based spear phishing and social media attacks.” These findings show that employees need to be vigilant of these attacks not only on their work computers, but on their cell phones as well.
- Illustrating the importance of training employees on their data privacy responsibilities, primarily due to staff error, the Passport Service to the Data Commission reported “more than 50 data breaches since the start of 2018.”
- According to a recent study, “33% of workers still have access to files and documents from a previous employer, putting the integrity of data and company livelihood at risk.” This study supports the importance of having concrete offboarding procedures that include removing ex-employees’ access in a timely manner.
If you’d like to share what privacy and data breach news is currently on your radar, we would love to hear from you at [email protected].