Security awareness

Get your ‘I’ve got this’ on – it’s Data Privacy Day!

January 22, 2020 by Kristin Zurovitch

Another January 28th is upon us, which means we can celebrate Data Privacy Day. Hooray! I’m heading back to the stockroom to see if we have confetti and balloons left from last year’s party.

OK, that was snarky and sarcastic, but probably not too far off the mark for the way most observe the day. If you’re reading this blog, you likely have more than passing interest in cybersecurity or security awareness. Many of you have all your fingers Hans Brinker-like plugging holes in the dike. But instead of saving Holland from a watery deluge, you’re trying to stop a flood of phishing attempts and keeping the bad guys out of your systems. 

Celebrating Data Privacy Day can feel a little back burner-ish on your priority list.

Good cyber hygiene is a good first step

But that’s not to say the basics of good cyber hygiene touted on Data Privacy Day can’t make a big difference in the core challenges business and security awareness advocates face. Practicing basics build security muscles, which may prevent a family member from clicking on every survey popping into their social feed. Or it might compel a finance manager to think twice about the suspicious email from the CEO urgently ordering $250,000 to be wired to another company.

That icky no control feeling  

Most of the privacy buzz today is reflective of the confusion and out-of-control feeling people have over their personal information. The Pew Research Center released a report in November 2019 stating a pucker-worthy 81% of Americans feel they have little to no control over company collected data. Eighty-four percent felt the same way about the data collected by the government.

How about considering a few suggestions to take back control this Data Privacy Day?

There is no excuse for not updating your privacy settings

The National Cyber Security Alliance (NCSA) is the lead dog on Data Privacy Day and it has excellent tools available to involve your organization. NCSA also built a page with links for updating your privacy settings on most of today’s leading devices and apps. I’ve blocked out an hour after work to do this. You should try this since NCSA took away all the hard work.

Privacy meetups. Just add donuts.

The International Association of Privacy Professionals (IAPP) is extending its privacy awareness-raising efforts for the entire month of January. That’s commitment! KnowledgeNet chapters around the world are organizing meetups to network and share experiences. You can check its site to find a meetup near you. If you’re looking for simple tactics to raise privacy awareness at work, the IAPP encourages bringing donuts for a quick stand up to generate discussion and thank employees for safeguarding privacy. I can get behind anything that includes donuts.

Free protection tips

Infosec receives many requests for quick and easy tips organizations can share with employees and families. You can download a free copy of 10 Ways To Protect Your Personal Data and post it in the office breakroom. Better yet, put a copy of it in each employee’s desk or workspace. With a donut.

Taking even a little action can make a difference in your privacy and security. Even a technology dinosaur like myself has implemented a lot of these tips. If I can do it, you and your workforce can. Here are my five new habits for 2020 Data Privacy Day. Try them with me:

Careful what you click

Infosec regularly sends me phishing simulations to stay sharp, But I can point to the 2019 Data Privacy Day as the time when I decided to knuckle down on checking emails and not clicking on every link simply because it’s there. Nigerian Princes must miss me terribly.

Super important surveys from nobody I know on social media? Nope. Nada. I quit. I mean really, folks. Do you need these?

Plug the Bluetooth siphon

I also got in the habit of turning Bluetooth off when not in use. That was an embarrassingly easy habit to acquire and it should slow down the amount of my information siphoned from my phone.

Patch, patch, patch 

I’m going to be more conscientious to quickly update patches sent by the companies and apps I use. Updating patches can do a lot to keep the boogeyman away.

Authenticate, authenticate, authenticate

Adopt two-factor authentication on everything I can. I’ve also declared 2020 as the year to start using a password manager. Because at this point — what am I waiting for?

Dean Wormer approved

I told you about knuckling down and not clicking email links. But in 2020, with a nod to the Animal House movie, I’m redoubling those efforts with double-secret probation checking on links. Trust me, that’s funny. Google it. After all, 94% of malware is still delivered by email, according to Verizon’s 2019 Data Breach Investigations Report

We’re not going to resolve the larger questions about balancing the personal information we give away in trade for the convenience of using the apps and devices that have become part of our lives. But if nothing else, how about using 2020 Data Privacy Day for making a few changes that will move your personal privacy needle. Take 15 minutes to encourage your team members to plug up a few of their information leaks. Confetti and balloons not necessary, but highly recommended.

Download a free copy of 10 Ways To Protect Your Personal Data

 

 

Posted: January 22, 2020
Articles Author
Kristin Zurovitch
View Profile

Director of Corporate Communications, InfoSec Institute