Thales: Data Privacy Day a Timely Reminder for Firms to Tighten Grip on Data and Strengthen Business Outcomes

As Data Privacy Day (January 28) approaches, Thales is calling on businesses to take greater control of their data and prioritise transparency, security, and compliance, thereby enhancing data security and customer trust.

As disruptive business models and new technologies like generative AI permeate all aspects of business and personal life, the amount of data being collected, used, analysed, and retained is growing by the day. This also means that the damage a data breach can potentially inflict on a business and its customers rises in tandem. Regulatory oversight and financial penalties are also trending northwards.

“Generative AI is a threat but also an unprecedented opportunity to build loyalty with customers,” said Andy Zollo, Senior Vice President, Application and Data Security for Thales in Asia Pacific & Japan. “Maintaining proper data control is arguably the most important focus of all strategic security initiatives and must take priority in organisations looking to build trust-led competitive advantage.”

To effectively keep their data private, organisations should:

1. Create a culture of privacy. This can be done by educating employees on their obligations to protect personal information and ensuring that staff know how data security is applied in their daily work.
2. Conduct a privacy impact assessment. This will determine how and where data is stored, backed up, and disposed of, what data security measures are currently implemented, and where systems may be susceptible to a data privacy breach.
3. Transition from a reactive cyber defence stance to a proactive one. Security program transformation is characterised by proactive defences that enable operators, developers and other users to adopt new technologies safely. According to Thales’ 2024 Data Threat Report, organisations have identified the emerging areas of generative AI, cloud, IoT/5G and quantum computing for proactive security measures.
4. Keep up to date with security technologies. Staying abreast of technological developments in the industry is essential. With the increase in phishing attacks and identity infrastructure attacks, organisations should consider how workforce identity and access management, along with customer identity and access management, can enhance their existing security measures.
5. Foster stakeholder buy-in to enhance overall organisational security. Security leaders should focus on empowering stakeholders to play an active role in safeguarding the organisation. For instance, developers could adopt user-friendly methods for customer onboarding and authentication, while security champion programs can inspire more developers to embrace secure development practices. These initiatives help embed robust security measures across the organisation, creating a culture of security that extends beyond its boundaries.

“Ultimately, these steps will enable businesses to deepen customer trust, strengthen organisational resilience through better threat management, and improve ROI from generative AI and cloud investments through better data control,” said Zollo.