Ransomware, malware, privacy breaches, CEO fraud, ID theft, phishing … cyber and privacy threats have an indelible position in our daily business and we know they are here to stay for the foreseeable future. Nonetheless, 2020 will so far be predominantly remembered for the “offline” variant of which these annoying facts of digital life have gained their name; the COVID-19 virus, commonly known as Corona, is spreading throughout the world like a wildfire. The parable between the digital and (biological) analogue version of a virus is pretty clear; you can read an interesting article in this Compact edition about yet another similarity between this viral disease and increasing cyber treats; its source.
“Never waste a good crisis” is the adage of many an optimist. And for sure we can learn a lot from the (variety in) business responses. Most organizations have a business continuity plan that will at least make it through a light touch audit. But the focus is and has been heavily on IT; how do we make sure the systems and applications are available and how do we restore operations after a disaster? Now that the availability of staff, at least in office environments, is becoming the bottleneck, we will definitely see a spike in management attention to this matter in business continuity and crisis management plans. However, recovering from extreme scenarios is also in the digital world still a daunting task. Ronald Heil provides his opinion on surviving pandemic-style cyber incidents in this Compact – interesting read!
Also without global health disasters, we see substantial dynamics in the area of cyber and privacy. In this Compact edition we touch upon evolving risks concerning the use of open source software, mobile apps, DevOps, and shadow IT. All these trends are the result of the ever-increasing digitization and transformation of organizations. Working together in a “Purple Team” exercise will help strengthen the defenses of these complex IT environments. I hope these articles will assist you in positioning and addressing the related cyber risks.
The digital transformation is strongly driven by the use of valuable data, including more and more unstructured data. Harvesting the benefits of large sources of data is tempting for business leaders. But this comes with non-compliance risks, especially in the field of data privacy. In this Compact you can learn how Enterprise Content Management can assist you and your organization in addressing these risks. Along the same lines is the use of pseudonymization (or: aliasing, reversible anonymization) which reduces the risk of misuse of identifiable personal data. Whether pseudonymization is sufficient and practical is detailed in an interesting read by Hans van Vlaanderen. Despite all efforts, it still can go wrong. Transparency and media coverage on data breaches have become the new normal, especially driven by privacy regulations that require timely notification. Dealing with complex data breaches is not an easy task and from a data and legal perspective especially challenging; this edition provides guidance on this subject which is relevant for every organization.
I sincerely hope we will overcome this historic Corona pandemic and will return to well-protected business-as-usual as soon as possible. Let this Compact Magazine at least assist you to focus your mind on a less contagious but longer-lasting challenge for the time being!