Actu
Celebrating Data Protection Day – cybersecurity expert comments on compliance, data breaches, and how to keep information safe in a world fraught with cyberattacks
January 2025 by Cynthia Overby, Director, Strategic Security Solutions, zCOE at Rocket Software
Honouring the Convention 108[1], a set of protocols that govern personal data protection within the EU, Data Protection Day raises awareness about the importance of data privacy.
Now on its 18th anniversary, Cynthia Overby[2], Director, Strategic Security Solutions, zCOE at Rocket Software[3] shares her insights on what organisations need to do in order to protect the sensitive information they’re entrusted with.
“Data Protection Day reminds us that protecting data is not just about compliance – it’s about building trust and ensuring secure systems in an increasingly digital world. When organisations collect sensitive data from their customers or users, securing that data should be a top priority.
“Companies of all sizes are vulnerable to financial loss due to cyberattacks, and the trust of their customers is also at stake. With cloud-based analytics and AI driving innovation, organisations face growing risks as sensitive data like financial reports, customer transactions, and employee information become prime targets.
“A data breach can result in devastating consequences, with IBM’s 2024 Data Breach report[4] revealing an average cost of $4.88 million per incident, alongside significant operational disruptions, and reputational harm.
“To mitigate these risks, organisations must take a proactive approach to data privacy. Across the globe, national and state laws aim to hold organisations accountable for protecting private user information. Regular vulnerability scanning and addressing weaknesses before they’re exploited are essential for safeguarding systems.
“There are plenty of other methods for organisations to protect their data – including better threat detection, multi-factor authentication and bring your own device policies, while encryption of data in transit and at rest ensures sensitive information remains secure even if compromised.
Employee training is equally important, ensuring teams are equipped to identify and respond to potential threats like phishing attempts. A robust incident response plan and regular testing of disaster recovery processes are critical to minimising downtime and damage in the event of a breach.
“By proactively prioritising data privacy and governance, organisations can reduce risk, enhance trust, and avoid the significant financial and operational consequences of being reactive.”
Sources
[1] https://www.coe.int/en/web/data-protection/convention108-and-protocol
[2] https://www.linkedin.com/in/cynthia-overby-41110a3/
[3] https://www.rocketsoftware.com/
[4] https://www.ibm.com/reports/data-breach
