Guest Talk Security

Data Privacy: Don’t let the pandemic loosen your guard

Barry Cook

By Barry Cook, Data Protection Officer, VFS Global

There’s no doubt that growing awareness of data privacy has enhanced how people take care of their personal information. But there are times when we tend to lose our guard, and mostly these are phases when we are anxious. For instance, it is common to carry vaccine certificates on smartphones for seamless access to malls, eateries, or catch a flight. While we know that carrying such sensitive information on smartphones puts them at high risk for misuse, fears of rejected access might overpower the sensible things to do. The challenge for digital users is to fight these vulnerabilities.

Vaccine certificates, as we know, contain sensitive personal information such as a person’s name, date of birth, age, and gender. Given that an individual’s date of birth is commonly regarded as personally identifiable information (PII) in many countries, it exposes a large population to risks of identity thefts and other kinds of cyber frauds. Rising cybercrime statistics prove that such unprotected data can be easily hacked into or simply accessed through a Wi-Fi or Bluetooth connection automatically picked up by your phones.

Secondly, flaunting of vaccination statuses to social networks is a new fad amplifying these risks. With governments aggressively rolling out immunization drives, many citizens have felt the need to declare their vaccination updates on social media feeds and help in raising awareness. In many cases, social media timelines are flooded with digital copies of COVID vaccine certificates.

It’s imperative not to get blinded by the comforts brought in our lives with the evolution of digital technology. We must remember that our growing dependence on online products and services expose us further to security threats and privacy breaches. These risks assume greater relevance, considering the exponential rate at which personal data storage on cloud services have grown during the pandemic. In 2021, the worldwide end-user spending on public cloud services grew 18.4% to a total of $304.9 billion, forecasted a Gartner report. However, have we been able to ramp up our data-security measures at par with these changes? Perhaps not because businesses did not foresee this scale of digitalisation and hence never felt the need to shift gears.

Users across the world fell prey to cybercrime, and common trends included ransomware attacks, devices with proprietary operating systems witnessing increased vulnerabilities, android spreading malware and an increase in potentially unwanted applications. As per the 2020 state of malware report, the period between January – December 2020 saw a 565% spike in malware detections. Spyware app detections at the same time grew by 1,055%. The pandemic also created new challenges to online privacy.

Governments across the globe find themselves at crossroads. Finding a middle in their endeavour to safeguard citizen privacy and digital contact tracing of the virus is probably the greatest challenge that lies ahead. At a recent public hearing, data protection experts warned a UK parliamentary committee about the perils of exposing critical health data of large populations to private sector players.

Device vaccination is as important

Patch updates or security updates periodically sent out by mobile manufacturers can shield your phones from potential breaches.  Manufacturers recommend that patch updates should be set to automatic to update and protect your devices automatically. Much like how the COVID -19 vaccination does not guarantee 100% protection, device vaccination also goes only so far, but it does mean one should not attempt to safeguard their devices. Additionally, the most effective step is to be careful while using your devices and not clicking on the “OK” button or link when random pop-ups appear on the screen. Being attentive and mindful can avert most attacks and prevent one from becoming part of the chain of compromise. Conventional thinking cyber experts advocate making physical copies of vaccine certificates or other documents that carry an individual’s PII over digital copies to minimise risks.

About the author:

Mr Barry Cook is in charge of ensuring the organisation’s compliance with Data Privacy & protection legislation across all locations of operations. Mr Cook is a results driven, innovative leader with in excess of 20 years’ experience in providing Data Privacy, Information Security and Risk Management solutions to major international business to government, pharmaceutical, private banking and retail organisations.

In his current role, among several responsibilities, Mr Cook oversees and directs privacy specialists, and coordinates privacy and data protection programmes with senior executives globally to ensure consistency across the organisation. He coordinates with the appropriate regulating bodies to ensure that programmes, policies and procedures involving data protection and privacy considerations are addressed in an integrated and comprehensive manner. Mr Cook also develops and coordinates a risk management and compliance framework for privacy at VFS Global.

In the past, Mr Cook has worked in the fields of Air Traffic and Defence Systems Design Engineering, Training & Development, Systems Analysis, IT Security and Risk Management and Information Security with reputed organisations across the UK and Switzerland. Prior to joining VFS Global, he was leveraging his expertise to provide services to multinational and non-governmental organisations as a Data Privacy & Cybersecurity Consultant.

Mr Cook is a certified Information Systems Security Professional (CISSP), and has a Bachelor’s degree in

Integrated Engineering with Management. He is also an IBM Certified AIX Technical Expert (ATE).

Read More News: https://www.enterpriseitworld.com/

Watch CIOs Tech Perspectives: https://ciotv.live/

Read IT Partner News on: https://www.smechannels.com/

Related posts

Should We Migrate to SAP S/4HANA Now or Wait? The Dilemma of Today’s CIOs

enterpriseitworld

The Role of AIOps in Strengthening Cybersecurity

enterpriseitworld

Defending Against Insider Threats Ethically with the Power of User Entity Behaviour Analytics (UEBA)

enterpriseitworld
x