The explosion in the amount of information generated every minute, and new big data scenarios, have set alarm bells ringing for privacy in corporate security. Companies handled an average of 9.7 petabytes of data in 2018, 569% more than in 2016 (1.45PB). However, for organizations, the challenge here lies in data protection. And many of them recognize that this is an area where they are falling short. As the capacity to generate information grows, so too does companies’ interest in owning that data, which is increasingly valuable for organizations’ strategies. However, a lapse in the management of this data, or in how this information is protected, can have dizzying financial repercussions. For proof of this, we need look no further than the now well-known case of the Yahoo data breach: the company must now pay $117.5 million in compensation for this attack.
According to the latest Dell EMC Global Data Protection Index, 27% of the organizations surveyed experienced irreparable data loss in the last year, double the amount in the 2016 survey. New business platforms, such as those based on the cloud, and the interconnection between devices that generate information, advance more rapidly than traditional defense solutions. This why, in an age when many threats come from the cloud, it is so important to have 100% cloud-based solutions to tackle them in organizations. Now, in order to provide effective protection, companies need to bear in mind new dimensions in concepts like data privacy and security, as well as being sure to fulfill new regulations.
Protecting AI and ML: the dangers of new technologies
The improvements that emerging technologies can bring to companies go hand in hand with new business challenges. When considering the next few years, the report shows that only 16% of companies believe that their data protection solutions will be able to respond to future challenges, while almost half have trouble protecting the data generated by technology such as artificial intelligence or machine learning.
The proliferation of new attack vectors is one of the most pressing corporate risks that organizations intending to use data generated by their customers must face. In this context, new security frameworks and models need to be created with next generation cybersecurity solutions and software that are able to tackle dangers from the design and execution of systems.
Those new solutions must be able to distinguish between malicious code and benign code, making sure not to deal with data in a way that could endanger the company or its processes. To achieve this, the designers and architects of these new systems will have to guarantee the confidentiality and integrity of the applications, and verify that they contain no vulnerabilities. What’s more, to implement a more efficient cybersecurity, machine learning based security solutions such as Panda Adaptive Defense, can help to cover tasks that traditional systems would not have been able to deal with. Making use of the power of combining big data and machine learning, our advanced cybersecurity solution allows us to detect attacks based on anomalous behaviors.
Complying with regulations, a new challenge for companies
According to the Dell EMC report, 41% of the companies surveyed consider complying with regulations to be one of the leading challenges when it comes to data protection. Nevertheless, companies shouldn’t invest in security just for the sake of compliance. The financial implications of a data breach can be large, but a loss of reputation and customers can be even worse in the long run.
The main reason that four out of ten companies consider regulatory compliance to be a challenge is the GDPR. The regulation, which came into effect almost a year ago, forced all companies to strengthen the protections on the personally identifiable information (PII) that they store or process, especially if it resides in or is dealt with on collaborators’ and employees’ computers. At Panda Security, we have developed Data Control, a data security module adapted to the GDPR. It helps companies to comply with the regulation, identifying unstructured personal information on workstations, and stopping this information from being breached. This way, companies can avoid fines and sanctions by discovering where their data is stored, who is handling it, and what actions are being made on it. Data Control safeguards the personal data that is stored on endpoints.
Tips to keep your company’s data safe
As well as being sure have the best advanced cybersecurity solutions, we can take away from the report several tips that can help organizations to prepare for the future and for new sensitive information protection scenarios.
- Add value to your company’s data, and protect it accordingly. It is vital to create strategies, categories, and valuations that allow information to be scaled, and for you to distinguish which data is really relevant for the company, and therefore in need of extra protection.
- Control the information that your providers handle. The more information you produce and offer, the more controls you need to apply to it.
- Protect information on the cloud. Backups and access controls shouldn’t be ignored for cloud environments, whether public or private. The information stored on the cloud belongs to your company, and so responsibility for it is your company’s, even if the cloud belongs to a third party.
In the ages of GDPR, big data, and data based technologies such as machine learning, every measure that aims to protect corporate information must be implemented to defend organizations’ most valuable asset: its data.