Growth & Scale Insiders, Episode 3: Managing Data, Risk, and Security
What Do You Need to Know About Data Security and Privacy? You May Be Surprised.
SOC, GDPR, CCPA….and the list goes on. Data security and privacy has seen a trend of increased focus from auditors, regulators, and customers. In the past, data security was an initiative undertaken by high-risk organizations or large public companies as part of risk mitigation and business strategy. However, as new privacy laws and consumer focus has emerged, businesses of all sizes are finding that data security and privacy is simply a cost of doing business. Additionally, the current challenges of the COVID-19 pandemic are creating even more complexity around data security and privacy. For example, data security controls around remote environments, encrypted communications, and temporary system access are becoming even more crucial to ensure companies can achieve compliance with regulations and data security frameworks.
The next episode of our podcast, Growth & Scale Insiders, brings together three experienced professionals with unique perspectives on data security and privacy. John Patrick, an IT Risk and Compliance Manager from Bridgepoint Consulting, discusses the new landscape and how companies can prepare. Kate Williams, a Risk Assurance Manager from Maxwell Locke & Ritter, covers data security and privacy from an auditor perspective. And Jessica Hamilton, CFO of ActiveProspect, presents her insights on addressing data security and privacy from a growing software company’s standpoint. The group discusses emerging topics, including Service Organization Control (SOC) Reports, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).
Patrick starts by outlining two main trends that he sees regarding data security and privacy, “There is legislation at both the state and national level around the world….and we are seeing the first of a wave.” He goes on to say that “Customers are paying attention to data security and privacy in a way that they may not have in the past. It is becoming a requirement.”
“Even the way that our customers are viewing data has changed,” adds Hamilton. “Customers that may just be collecting name, email, and phone number, are now being scrutinized with how that data is protected. Customers have a heightened sense of awareness about security.” Williams adds, “We have companies that come in…and need a SOC 2 or cannot close a deal. It takes time.”
The rules are changing, and companies of all sizes are adapting to meet the data security and privacy demands of lawmakers, customers, and other stakeholders. Business leaders should understand the need for strong safeguards as they navigate the evolving landscape.
Have any questions for our podcast show guests? Are there any topics you’d like us to discuss next time? Send them to Holly Subervi at email@example.com.