With organizations collecting and storing massive amounts of personal data today — much of which people share freely — we must become better at protecting data on both the storing and sharing sides. Organizations need strong data protection measures in place, and everyone should start being more digitally mindful when sharing their own personal data.
Ultimately, being careful about what we put out there is the best way to reduce cyberattacks and data breaches.
For organizations, data privacy is a continuous process, not a once-a-year tick-box exercise. Reducing human risk and minimizing data collection are essential strategies for data security. For individuals, it’s time to kick-start digital mindfulness. Privacy is not about hiding — it’s about controlling your data. Taking small, consistent steps can be more effective than one big privacy overhaul.
KnowBe4’s CISO advisors provide practical advice to both organizations and individuals to take control of their data this Data Privacy Week.
Advice to Organizations
- Practice Data Minimisation: Audit your confidential data annually and delete what you no longer need. The best protected data is the data you don’t keep. Only collect and store information that is absolutely necessary for operations, as less data means reduced liability.
- Know Your Data Flow: Understand what personal data you collect, why, where it flows, who can access it, and when it is deleted. If you must retain data for future use, anonymise it.
- Invest in Your Team: Reduce human risk with practical training to help employees recognize social engineering tactics, phishing attempts, and emerging threats.
- Be Transparent and Compliant: Clearly communicate your privacy policies to customers regarding what data you collect, how it’s used, and with whom it’s shared. Review your organization’s adherence to relevant privacy regulations (e.g., GDPR, CCPA).
- Fortify Defenses: Ensure all data is encrypted, both in transit and at rest, as a critical last line of defense. Regularly test and update your data breach response plan.
Advice to Individuals
- Stop and Ask Before You Share: Before handing over your data to an app or website, pause and ask:
- Do they really need this?
- What happens if this information gets leaked?
- Secure Your Accounts: Use a password manager to create and store strong, unique passwords for every account. Enable Multi-Factor Authentication (MFA) on all critical accounts, including email, banking, and social media.
- Spring Clean Your Digital Life: Delete unused accounts and apps, review subscriptions, and revoke unnecessary permissions. Tighten privacy settings on social media and opt out of unnecessary tracking and marketing.
- Limit Your Exposure: Assume anything you give, send, or type could be stolen and exist forever. Only provide required information on forms, and avoid oversharing whenever possible.
- Check Your Digital Footprint: Periodically search for your name online to identify potentially private or personal information in the public domain. Consider using browser extensions or privacy-focused browsers that block online trackers.
Data Privacy Week serves as a critical reminder that a proactive and vigilant approach to data protection is the most effective defense. KnowBe4 encourages everyone — from the C-suite to employees — to transform data privacy from a regulatory burden into a core pillar of operational and personal security.
Contact:
kn*****@*******mc.com
