Cybersecurity Blog | Ingalls Information Security

5 Ways to Help Businesses Be Privacy Aware

Written by National Cyber Security Alliance | Jan 28, 2021 5:00:00 AM

Data Privacy Day is a global effort -- taking place annually on January 28th -- that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. This year, we are encouraging individuals to “Own Your Privacy” by learning more about how to protect the valuable data that is online, and encouraging businesses to “Respect Privacy”, which advocates for holding organizations responsible for keeping individuals’ personal information safe from unauthorized access and ensuring fair, relevant and legitimate data collection and processing.

According to a Pew Research Center study, 79% of U.S. adults report being concerned about the way their data is being used by companies. As technology evolves and the pandemic continues to influence how consumers interact with businesses online, data collection practices are becoming increasingly unavoidable, making it imperative that companies act responsibly.

“In recent years, we’ve seen the impact of more global awareness surrounding the abuse of consumer data, thanks to sweeping privacy measures like GDPR and CPRA,” said Kelvin Coleman, Executive Director, NCSA. “And while legislative backing is key to reinforcing accountability for poor data privacy practices, one major goal of Data Privacy Day is to build awareness among businesses about the benefits of an ethical approach to data privacy measures separate from legal boundaries.”

Ingalls Information Security and the National Cyber Security Alliance have offered up the following tips to help guide businesses to better data privacy practices, such as:


1. If you collect it, protect it.

Data breaches can not only lead to great financial loss, but a loss in reputation and customer trust. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access. Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.  


2. Consider adopting a privacy framework.

Build privacy into your business by researching and adopting a privacy framework to help you manage risk and create a culture of privacy in your organization.


3
. Conduct an assessment.

Conduct an assessment of your data collection practices. Understand which privacy laws and regulations apply to your business. Educate your employees of their and your organization’s obligations to protecting personal information. 


4. Transparency builds trust.

Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used and design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy.


5. Maintain oversight of partners and vendors.

If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.

 

Ingalls is here to help protect your information.

Through 10+ years working major incident responses (IR) and data breaches, our emphasis on people is what allows us to provide world-class client experiences. We understand cybersecurity attacks, how they occur, and how to effectively respond. 

We also offer step-in service for SOC teams facing personnel shortage. We have a simple onboarding process to provide your company the bench it needs to effectively manage risk. We fine tune and curate alerts to aid with your shifting needs without overburdening your team members. “Our focus on solution innovation and improving what we do and how we work for efficiency and efficacy is a value that extends to our customers,” says Sarena O’Donnell, our Chief Risk Officer, “ In addition to our experienced team, we are careful to implement intelligent automation and use the best of breed technology solutions, so that alerts we work and information we share with customers is fine-tuned”.  

Through our proven process each client is assigned a dedicated expert who tailors cybersecurity risk management to unique needs, and continuously validates our service is effective. Help your people mitigate burnout and ensure guaranteed measurable, best-in-class cybersecurity risk management.