On April 26, 2006, the Council of Europe established Data Protection Day, which is observed annually on 28 January. Data Protection Day is now observed worldwide and is known as Privacy Day outside of Europe.
At Stefanini, we’re celebrating International Privacy Day by focusing on overcoming privacy issues, including exploring the role of data protection and privacy and the global challenges and opportunities that exist around protecting data.
We caught up with Matt Engler, Global Director, Risk & Compliance at Stefanini and Alex Bertea, Chief Cybersecurity Strategist at Stefanini EMEA, to learn more.
What does the current landscape look like when it comes to data protection and privacy?
Alex Bertea: “It’s become a cliché to use the term ‘unprecedented’ but it’s clear that – whether we’re referring to economics, public health or cybersecurity – we’ve faced an entirely new situation in recent years and that this requires a brand new response.
“When it comes to protecting data, businesses will need to invest in the latest solutions to prevent intrusions, ransomware, data breaches and phishing attacks. For many businesses, an appropriate response to the scale of the challenge will involve embracing a proactive approach to testing cybersecurity resilience, which might include simulating attacks in partnership with teams of ethical hackers.”
Matt Engler: “There’s a big challenge for businesses because consumers don’t expect to be forced to make trade-offs. They want maximum convenience when it comes to digital experiences and minimum friction when it comes to buying online, without any risk to the security of their data. There’s clearly a requirement for a sophisticated approach that simultaneously maximizes security and convenience.
“This is particularly pressing at a time when the move toward digital solutions has been accelerated. Many businesses have needed to make use of new software to run systems or deliver automation – it’s important that the speed at which these new solutions have been embraced doesn’t mean the security implications they pose have been neglected.”
Does that suggest that businesses have embraced new solutions too quickly to ensure data is properly protected? Given the speed of change, how can businesses ensure they successfully meet new data protection and privacy requirements?
Matt Engler: “Rapid change has clearly been necessary – transitioning to new ways of working has become a fundamental aspect of ensuring business continuity in recent years. Despite this, there absolutely needs to be equal focus on keeping data secure.
“An important part of getting this right is creating the right business culture, in which the correct example is set throughout the organization, which relies on appointing the right business leaders, with the appropriate skills, to the right roles. This might include a Chief Information Security Officer (CISO), who would be responsible for ensuring that any adaption involving new digital solutions delivers maximum business benefits while managing associated risks.”
Alex Bertea: “I completely agree that it’s crucial to develop a business culture that recognizes the importance of adapting quickly while ensuring data is protected and cybersecurity attacks prevented.
“Establishing this culture is the first stage to developing best practice as a business norm and this then needs to be backed up by the right solutions. That means investing in solutions that ensure a business has enhanced its ability to prevent attacks, or respond more quickly to disruptions, while also providing a superior customer experience. You need the solutions in place to realize the aspirations of a business culture that believes in both innovation and security.”
Is there necessarily a tension between innovation and privacy and data protection?
Alex Bertea: “There really doesn’t need to be any conflict between innovation and investing in cybersecurity solutions that protect data. I can understand how some businesses might fear that there will be a conflict – protecting data presumably requires caution, which, some believe, means avoiding new solutions.
“In fact, I’d argue the opposite is true – it’s thanks to a readiness to invest in the latest cybersecurity solutions that businesses are able to confidently innovate and respond to new trends.”
Matt Engler: “I completely agree – data protection should be viewed as complementary to innovation. It’s important to remember that a business essentially earns its licence to innovate by demonstrating its commitment to security and protecting data.
“Also, when it comes to the likes of personalized marketing, for instance, this is only possible as a result of businesses earning the trust of consumers around the secure storage and responsible usage of their personal data. A commitment to data privacy offers much more than avoiding financial losses – which might be the result of fines or reputational damage. Data privacy is in fact the foundation on which businesses can seize new opportunities to innovate and to create more personalized and effective marketing campaigns and digital experiences.”