Expert insights on safeguarding data in a digital world

With Data Privacy Day drawing near, cybersecurity experts are speaking out about the growing concerns and ongoing efforts in safeguarding personal information in an increasingly digital world. Industry leaders like Olly Stimpson of CyberArk, Sam Salehi from Qualys, and Troels Rasmussen from N-able have weighed in on the pressing issues and recommended strategies to combat the challenges faced by organisations and individuals alike.

Olly Stimpson, a Senior Security Strategy Adviser at CyberArk, reflects on the progress made in Australia over the past year. According to Stimpson, substantial strides have been made with key privacy reforms being passed and a noticeable reduction in cybercrime reports. "These positive developments lay the foundation," Stimpson states, "but the journey to secure data privacy is ongoing. This year's Data Privacy Day theme, 'Take Control of Your Data', underscores the necessity for everyone to engage actively in safeguarding personal information." Stimpson highlights the importance of identity security, emphasising robust workforce identity management and the protection of user credentials as vital measures against potential breaches.

Sam Salehi, Managing Director ANZ at Qualys, also addresses the critical role of information security. "In an era where data is a key currency," Salehi explains, "the focus must be on transparency and the responsible use of information." He identifies the increasing challenges associated with rapid technological adoption, such as misconfigurations and insider threats. Salehi advocates for a strategic balance between innovation and robust risk management practices, emphasising the necessity for businesses to embed security within their core strategies.

Adding another layer to the discussion, Troels Rasmussen, General Manager of Security at N-able, speaks on recent events further highlighting the urgency of addressing data privacy risks. Rasmussen notes the recent data breach involving Gravy Analytics, a data location broker, as an alarming reality of today's digital landscape. The breach resulted in terabytes of sensitive data being stolen, underlining the vulnerabilities that businesses face. Rasmussen identifies hybrid working models and BYOD (Bring Your Own Device) policies as creating complex data privacy issues, necessitating robust endpoint security to prevent unauthorised access.

Rasmussen introduces the concept of "shadow AI", where large language AI models are used outside sanctioned channels, posing substantial risks if sensitive information is inadvertently shared. He foresees 2025 as a turning point with AI tools potentially being equipped with stricter privacy protocols, aligning with current and forthcoming legislation. In light of inevitability surrounding data breaches, Rasmussen asserts that businesses should adopt "zero trust" policies. This approach includes implementing strict authentication measures and limited access to curtail unauthorised movement within systems. He emphasises the importance of strong password practices, multi-factor authentication, and comprehensive endpoint detection to enhance data security.

The perspectives of Stimpson, Salehi, and Rasmussen converge on a shared objective: fostering a secure digital environment through proactive measures. Their insights highlight the necessity for a multifaceted approach that not only addresses the technological aspects of cybersecurity but also underscores the importance of a collective responsibility in protecting data privacy. As Data Privacy Day serves as an annual reminder, these industry voices reinforce the call for vigilance, collaboration, and continued innovation in safeguarding the digital assets that constitute a significant facet of modern society.