Companies from the UK and the EU to North America are in a tough spot. Now that GDPR is in full effect, and CCPA will soon be underway, every organization is explicitly charged with protecting user data and responding appropriately when a data breach occurs.
That responsibility has never been more challenging.
Case in point, earlier this year, the European Data Protection Board (EDPB), an independent oversight committee created as part of the GDPR regulations, released its first annual report on data breaches within the EU. In addition to levying $63 million in fines, the EDPB counted 65,000 data breach notifications in the law’s first nine months.
It’s no wonder that there is a veritable exodus among IT security leaders globally. According to a recent survey, 82% of IT personnel feel burned out, and more than half consider quitting their job. Perhaps most notably, 63% of respondents are considering leaving the industry entirely.
Indeed, today’s digital landscape is replete with threats from every angle, and in many cases, a company’s own employees are one of its biggest threats. As a 2018 study by the Ponemon Institute highlighted, “Data breaches caused by insiders increase in frequency and cost.” The specific tallies can vary, but accidental and malicious data misuse is undoubtedly on the rise.
While more invasive and in-depth control over employee’s technology might seem like an obvious solution, employees still have legal privacy rights, and no company wants to destroy employee morale by conducting unnecessary or excessive oversight.
Instead, companies need to strike a balance. On the one hand, they absolutely have to protect their customers’ data, and, on the other hand, they need to preserve their employees’ privacy. Fortunately, these competing obligations are not antithetical to one another.
Here are four ways to leverage analytics and intelligence from monitoring insights to secure user data while protecting employee privacy.
>> Continue reading on the RSA Conference blog.