Data Privacy Day: Why It Matters and How to Celebrate It

For those of us who live and breathe cybersecurity, January 28th is a crucial day: Data Privacy Day. What started primarily as a day for organizations to remind employees about the importance of privacy protection is now an international effort for individuals and enterprises alike. Protecting your data should be top of mind for any organization, and Data Privacy Day is a great opportunity to underline it.

At its core, to practice data privacy is to respect an individual’s personal information. This is obviously important at a singular level, but it’s crucial at an organizational level where reputation and revenue are at risk. And with the increasing frequency of data breaches, Data Privacy Day is more relevant than ever.

Take advantage of Data Privacy Day later this week to underscore the how and why of data privacy. Assess your company’s data collection practices and, if you haven’t already, implement a privacy framework. But institutional cybersecurity isn’t possible without individual awareness. A strong, secure data policy is proactive rather than reactive—and it starts with users.

Looking to participate in Data Privacy Day? Here’s what you can do, whether you’re an individual or a cybersecurity professional representing an organization.

• Be transparent with data collection. In 2021, Apple celebrated Data Privacy Day by releasing a report on how they and other companies track your data across websites and apps. This kind of transparency serves two purposes: educating users and establishing a strong data privacy reputation. While a full report may not be the right move for your organization, the idea behind it is.

• Host a training session. Use Data Privacy Day to educate employees on the what, why, and how. Show them how you collect and protect data, and how they can prevent data breaches. And bring in an outside expert if you don’t have in-house resources.

• Give a pop quiz (with prizes). Can your employees accurately spot a phishing email? Do they know and practice your organization’s data privacy obligations? Go beyond the training session and quiz their knowledge–and be sure to reward the winner.

• Practice what you preach. What good is celebrating Data Privacy Day if you’re not walking the talk? Use the day to create or assess your data privacy framework. Review any new data privacy legislation in your locale to ensure you’re compliant. And have a tight data incident response plan in place, if you don’t already.

• Manage your privacy settings. It’s common to sign up for online sites, services, and devices without reviewing the privacy settings, and you’ll often have to intentionally opt out of more invasive data collection. This Washington Post article provides advice and recommendations about privacy settings on some of the most popular apps and websites.

• Remember that if it’s free, you’re the product. Your data is valuable, and nothing is truly free. If a website provides a useful service for free, they may be trading it for your data. Being aware of this trade off is a big step in understanding data privacy.

• Use privacy tools. Plenty of people are concerned about their data privacy, and there are tools to help protect your information. Using privacy-minded web browsers and search engines with VPNs goes a long way towards ensuring your data privacy.

• Change and protect your passwords. This is a simple step but it can’t be overstated. The frequency of data breaches makes it clear that using the same password puts your privacy at risk. Choose complex passwords that you frequently change, and consider using a password manager.

We treat every day like it’s Data Privacy Day. It’s at the heart of what Abnormal Security is founded on. Our daily objective is to stop business email compromise, a primary pathway for data breaches, as well as other advanced threats that bypass traditional email security solutions like supply chain compromise, credential phishing, and ransomware. And to help others protect against these threats, we have multiple resources that may be helpful, including our recent CISO Guide to Ransomware.

Abnormal Security values data privacy and transparency, demonstrated by our Trust Center:

• We are SOC 2 certified with third-party audits at least once a year. Our most recent SOC 2 report is available on request.

• We are ISO 27001 certified by Coalfire ISO.

• We work with our customers to address privacy concerns and questions, and we have a comprehensive Data Protection Addendum.

• We take the necessary steps to comply with privacy frameworks like GDPR and CCPA.

As a result, our customers trust us with their data, and we’re committed to keeping that trust moving forward.
To learn more about our data privacy measures, speak with an email security specialist today.