Data privacy has become a recurring flashpoint for consumers and businesses alike, amid a spate of major data breaches in recent years.
Within the last month, the issue has resurfaced in the public consciousness with news of the largest data breach in history, known as the “mother of all breaches,” in which more than 26 billion records were exposed.
Additionally, evolving industry trends, such as the proliferation of IoT devices, the move to the cloud, increased remote work, and the rapid adoption of generative artificial intelligence (AI), have led to frequent conversations about data privacy. I did.
Corporate networks around the world are growing in size and complexity, resulting in a vast attack surface and ripe for targeting by increasingly sophisticated attackers.
Greg Clark, director of product management at OpenText, said that through 2024, industry experts predict that both security threats and breaches will continue to escalate, leading to increased investment from enterprises and increased investment by IT leaders. There will be even more attention paid to data privacy and security.
talk to IT professionalClark said businesses need to consider both their data footprint and threat landscape when developing their data strategy.
“Businesses need to understand their data footprint and threat landscape. Only then will they be able to devise the smart strategies needed for today’s evolving business environment,” Clarke argued. .
“Data discovery tools, especially those that go beyond data mapping and metadata scanning, can help businesses discover data, understand risks, and prioritize with internal stakeholders and management to reduce compliance and financial risk. It’s essential to any privacy program because it helps you.”
Mark Molyneux, EMEA CTO at Cohesity, said: IT professional The security measures businesses have traditionally employed to protect their data will need to scale to reflect the specific threats they will face in 2024.
“Previous concepts of building additional and higher security walls around data and systems are no longer appropriate for this new world,” he said. “There are hundreds of vulnerabilities in software products, and remote working has expanded his entire security architecture because even the tallest walls can be breached if an employee clicks on the wrong thing.”
“Networks are protected by thousands of separate tools from large companies, but they are much more penetrable for hackers,” Molyneux added.
Attila Torok, chief security officer at flexible working specialist GoTo, suggested that increasing employee data protection awareness should be a key goal in the year ahead.
“In 2024, enterprises will be doing everything they can to strengthen employee security, leverage Zero Trust products, consistently enforce strong Acceptable Use Policies (AUPs), and move toward passwordless authentication.” You need to hit the cylinders. These are simple and powerful ways you can improve and modernize your current practices to prevent cyber threats from entering your corporate systems.”
Data privacy will face AI “head on” in 2024
In addition to protecting data from external threats, companies also need to be aware of how to maintain privacy when using the data.
Clark emphasized the need for caution, especially when using AI tools, and that businesses should adopt privacy-enhancing technologies (PET) accordingly.
“These technologies allow organizations to anonymize or anonymize (irreversible masking) personal data, which removes unstructured data before it reaches the AI pipeline for large-scale language models. is becoming increasingly important to protect.
Clark added additional protections to avoid sensitive data being exposed in this way, as feeding private and sensitive data into public models can be a risky move for enterprises. I explained that I needed to.
“Better AI requires more data, so businesses need to protect the data that feeds these models. Encrypting or tokenizing data can help ensure that personal data is used responsibly. It is also a strategic PET to deploy within your enterprise to ensure that all privacy obligations are met. Techniques such as form-preserving encryption ensure the security and referential integrity of your analyses. PET helps create a framework to ensure compliance with privacy regulations and build trust with customers.”
Martin Davies, audit alliance manager at software firm Dorata, said the impact of AI on data protection in 2024 could depend on regulatory controls such as the EU Commission’s AI Act.
“2024 will be the year that data privacy meets AI head-on, and getting the right balance between innovation, regulation, and protection will depend on the evolution of regulatory controls,” Davis said.
He argued that regulators will have a lot of responsibility for the level of data protection that companies put in place in 2024.
“Regulators around the world require AI companies to comply to protect end-user data privacy and enable end-users to make informed decisions about how they interact with AI tools.” There is a clear responsibility to implement the requirements that must be met.”
said Trevor Dearing, director of critical infrastructure at data center and cloud security company Illumio. IT professional Current threat levels mean breaches are “inevitable,” so more mature Zero Trust systems are needed.
“Breaches are inevitable in today’s world, so businesses must take steps to quickly contain and limit the potential exposure of sensitive data. Traditional tools such as firewalls and intrusion detection systems are no longer useful. We cannot protect our future by using our past.”
However, as Kevin Curran, senior member of the IEEE and professor of cybersecurity at Ulster University, explained, implementing zero trust in corporate networks can create some headaches.
“Organizations must also ensure that employee devices have the latest security protections, such as virus checkers, firewalls, and device encryption. But who is actually running this? I wonder how many there are.”
