Intelligent CISO Issue 13 | Page 28

editor’s question RIAAN BADENHORST, GM AT KASPERSKY LAB AFRICA T he digital realm and its continued progression has led us into an age centred around data. Data is everywhere and companies realising the potential that data holds are implementing as many relevant strategies as possible, to use data, and its value, to their benefit. The reality is that data is a valuable commodity, if utilised correctly. The more personal data a company holds, the more opportunity it has to analyse that data for the purpose of understanding its target audience, to better target and sell to consumers. And if one thinks about how convenient it is to deal with a brand or provider who actually understands their needs analysis and offers an applicable solution required, it’s a ‘win- win’ situation for all. While digital offers so many benefits, it has also brought with it some risk 28 and the realities of cybercrimes – that seem to be growing in relevance, number and sophistication by that day. Unfortunately, the type of personal data that is useful to a business is also lucrative to the cybercriminal world and is targeted for cybercrimes. Data based on loyalty programmes to payment data and aspects like date of birth, medical records and anything a business uses to personalise the customer experience is highly attractive to cybercriminals. In many cases, such data becomes a kind of criminal Unfortunately, the type of personal data that is useful to a business is also lucrative to the cybercriminal world and is targeted for cybercrimes. currency, exchanged and traded on the black markets of the Darknet. Data subjects often don’t realise this, how their data is being handled or who has, or can gain access, to it. Over and above this, in some cases, organisations are careless about how data is being managed and shared. This creates ample opportunity for cybercriminals and cyberattacks of all kinds. The General Data Protection Regulation (GDPR) was implemented as a means to address this challenge, among others, and to ensure that data is being safeguarded effectively for the protection of user information. While there is now a regulatory step to follow, and of course some work required around this, considering how cybercrime is growing, and how it continues to affect and impact consumers across the globe, the regulation should not be seen as a hindrance. Rather, it advocates the meticulous security and privacy of personal data, which is essential to the process of beating and/or minimising cybercrime. For any cybersecurity provider worth its salt, the GDPR will in fact play a key role in supporting the cybersecurity industry’s principle of respecting and protecting people’s privacy. Data protection should always be at the forefront of a business’s data related strategy. GDPR now makes the business more accountable but also supports the broader fight against cybercrime. Issue 13 | www.intelligentciso.com