GettyImages-971892150  - GettyImages 971892150 - A Call for More Consumer Privacy Laws Could Spell Penalties in Your FutureIn the wake of the Marriott data breach, U.S. senators are calling for tougher laws and stiff fines for organizations that do not properly consumer data.

Half a is a really, really big number – so big, it almost seems impossible to think that Marriott’s was breached and every single one of those records made their way into the hands of the bad guys. But that’s exactly what happened to the Marriott Starwood Hotels acquisition in a breach that lasted 4 years!

The data stolen will be used for years to come by cybercriminal organizations that are phishing unsuspecting users with everything from emails citing “a problem with your reservation” to offers for hotel rooms at an unbelievable price, to simply using the personal details gathered to establish context enough to fool a recipient into taking the bait.

The breach is inexcusable and demonstrates even those organizations we believe are protecting their data the most can fall prey to attack and breach. Major lesson here: in any acquisition, the due diligence needs to include a very, very thorough cyber security assessment.

In response, U.S. Senators are calling for more stringent privacy laws – likely along the lines of the soon-to-be-implemented California Consumer Privacy Act of 2018 – to ensure those organizations holding material numbers of consumer records have proper security controls in place… and penalties for those who fall short characterized as “severe” and “aggressive”, even discussing jail time for senior executives that ignore customer data privacy.

Add to all this the wave of lawsuits against Marriott that have already begun. This is all indicative that consumer privacy is coming to a boil in the U.S., with tolerance on the part of consumers and Congress reaching an end.

It’s time for organizations like yours to get ahead of the consumer privacy game – while legislation may not exist yet, lawsuits certainly do. Protecting data with proper security controls, limits on privileged access, machine learning-based endpoint protection, and Security Awareness Training is all part of a necessary layered “defense-in-depth” security approach. Necessary… as in to protect your data, clear of the headlines, and avoid penalties from regulations.


Find out how affordable new-school security awareness training is for your organization. Get a quote now.

 

Get A Quote  - a8252926 7187 4c02 9dd4 933c17d712b1 - A Call for More Consumer Privacy Laws Could Spell Penalties in Your Future
Request A Demo  - 2af0f76d 67ca 4454 9896 5cb1da9b1f50 - A Call for More Consumer Privacy Laws Could Spell Penalties in Your Future

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here