Strong Security Paves the Path for Data Privacy

Jan 28, 2022 9:15 AM ET
Article

VMware is proud to be a 2022 Champion for Data Privacy Week, supporting the principle that all organizations share the responsibility of being conscientious stewards of personal information. The goal of Data Privacy Week is to raise awareness about the importance of privacy and remind organizations that respecting privacy is good for business. The initiative is led by the National Cybersecurity Alliance, a leading non-profit organization on a mission to create a more secure, interconnected world by promoting public-private partnership.

Between the universal shift to anywhere work and what is being labeled as “The Great Resignation,” the evolving enterprise landscape has required organizations to adjust their security strategies in real-time to stay one step ahead of attackers and protect stakeholder data. To improve security postures, organizations should consider conducting a baseline vulnerability assessment or threat hunting exercises to identify where systems are vulnerable and where increased security controls need to be applied.

“The lines between work and our personal life have increasingly been blurred over the past few years as our homes now double as our offices,” said Karen Worstell, senior cybersecurity strategist at VMware. “This is not likely to change soon, as companies continue to delay their return to office plans. As we settle into a new era of anywhere work, enterprises must understand that data privacy practices rest on a foundation of strong cybersecurity controls. Data Privacy Week is a time for organizations to set goals for implementing best practices that improve data protection and cybersecurity. These include robust vulnerability management, implementing multifactor authentication, threat hunting, and network micro-segmentation, among others.”

As we settle into a new era of anywhere work, enterprises must understand that data privacy practices rest on a foundation of strong cybersecurity controls. Data Privacy Week is a time for organizations to set goals for implementing best practices that improve data protection and cybersecurity.

Karen Worstell, Senior Cybersecurity Strategist, VMware

Creating a Company Culture of Privacy

In addition to strong security measures, organizations should adopt a privacy framework to help manage risk and create a culture of privacy. The privacy frameworks from NIST, AICPA, and ISO are great places to start. By creating a culture of privacy as well as educating employees on how privacy and security applies to their day-to-day job, organizations can better protect against both internal and external security and data privacy threats.

“We’re all familiar with the concept of The Great Resignation, but what organizations need to be hyper-aware of this Data Privacy Week is its significant impact on insider threats,” said Rick McElroy, principal cybersecurity strategist at VMware. “The number of employees that have left a company but still have access to the network or proprietary data – whether accidentally or purposefully – has significantly increased. Malicious actors know this and will start to target these employees to either carry out cyberattacks or plant ransomware. CISOs need to reevaluate their current security posture to ensure that this type of data is properly protected so that an instance of an employee departing from a company is not linked to a possible security incident.”

At VMware, we understand that a strong security posture and protection of personal data inspires customer and employee trust, enhances customer experience, and accelerates our growth and innovation strategy. By empowering everyone at VMware to be privacy-first champions, we can better enable the business to deliver innovative products and services that solve complex business problems for our customers and partner organizations. VMware employees can visit the Privacy Source site to learn more.

CISOs need to reevaluate their current security posture to ensure that this type of data is properly protected so that an instance of an employee departing from a company is not linked to a possible security incident.

Rick McElroy, Principal Cybersecurity Strategist, VMware

2030 Trust Outcome: A Cyber Resilient World and Privacy by Design

VMware’s 2030 Agenda is a decade-long ESG commitment and call to action to foster a more sustainable, equitable and secure world. One of the key pillars of this commitment to building a better future is trust. As our technology services and solutions have grown, so too has our ability to drive enhanced security and privacy for our customers to build trust with their stakeholders.

At VMware, we envision a future where customers of all companies are confident their data is secure and being used responsibly, employees can be sure their employers are transparent and ethical, and all stakeholders are effectively safeguarded from the cyberattacks threatening our digital world. VMware is helping to build a more secure future for all through our security solutions that strengthen customers’ ability to defend against cyberattacks and better protect their apps and data. This empowers customers to build trust across any app on any cloud across any device.

By viewing innovation through a lens of digital ethics and stewardship, and by focusing on security, privacy-by-design and transparency, VMware establishes and maintains trust among our people, customers, partners, shareholders and communities. Read more about VMware’s 2030 Trust Goals here.

Click here to view the original content.