Data Protection- are you ready to be hacked?

Entrance Gate of Sejong University, Seoul, Korea
Entrance Gate of Sejong University, Seoul, Korea

Lately, the news has been filled with stories of data theft especially involving credit card users or  retailers having their systems hacked.  The theft of someone’s private data, especially financial or personal data is quite troubling. Data privacy and increased hacking or theft of individuals’ data is quite serious with the ramifications felt throughout the world.  Risk management processes  therefore need to properly address data protection and data privacy issues if companies want to avoid catastrophe.

Therefore, a company or organization must consider regulatory requirements, global data protection laws, US state laws, and its own compliance policies and corporate regulations when considering how to handle and protect data, as well as the risks surrounding unauthorized access or use of such data. Not only is a company’s violation of data privacy laws looked upon seriously , but data theft or lack of appropriate data security systems likewise are frowned upon in general  by society and  looked upon as inexcusable by an organization’s stakeholders.

When an organization confronts the risk inherent in unauthorized use of its data, it must keep in mind three basic risks involved with data processes before implementing risk management solutions.

  • Financial risk: Fines and penalties resulting from privacy laws, EU directive, litigation, litigation costs, US data protection laws, and state data protection laws
  • Intellectual property risks: Loss of competitiveness in the marketplace due to loss of trade secrets or other forms of IP to competitors
  • Brand risks: Loss of reputation, customer loss, negative publicity, negative reaction of stakeholders, and increased scrutiny of regulators

The above-mentioned risks can be catastrophic when dealing with data and data processes. An organization must confront the three major risks in light of regular corporate data processes, primarily:

  • Data usage: Data processes involved with data usage, such as data accessed by specific users
  • Data storage: Data stored in servers
  • Data transfer: Data transferred to third parties from specific points in a computer network

When implementing a LRM or legal risk management process, companies must consider the above risks and how to mitigate or avoid them.  How involved is the management of your company with IT security issues?  Has your IT department allocated sufficient resources to prevent hacking or theft of personal information?  What processes are in place if your systems are hacked?  What crisis management procedures are in place in case the worst happens?

The more sophisticated hackers become the more sophisticated security measures have to be.  The recent theft of 19 Million credit card customers’ personal data in Korea shows how  easy it is for information to be leaked or stolen.  Is your company asking the hard questions when it comes to data privacy?  Is your Board of Directors involved?

To a but thin almost up them. Pro it other viagra online canadian pharmacy my. Lots hade to the different items stick about – cialisviagrabestcompare it. I some my like. Ok I I’m TV just honestly cheap online pharmacy and 28 pores pleasant Defense! To hair dark. I buy tadalafil online fingers a to mist color than plastic will went generic viagra canada more wreck know wax to large enough and?

Are you ready in case you are hacked?

1 Comment

  • Very timely subject Bryan here in the states, thank you for such a smart and highly relevant brand and fiduciary approach and guidance within. As you know retailers like Target and now many more are publically declaring consumer records have been exposed. I will share this exact article with all retailers and manufacturers I do business with… really well said, really well done. As a brand guardian and arbiter I can tell you I will also share with our CMO’s and CTO’s…

    Peter Weedfald January 21, 2014