The changing data protection paradigm

I spent last Thursday as I usually do, on the track at the YMCA while listening to my favorite podcast, Down the Security Rabbithole.

The episode, titled "Data Protection Primer," discussed the importance of protecting data security and privacy. One of the guests, Vlad Klasnja, the data protection and privacy manager for Optiv, made the point that despite the challenges, organizations must start addressing data protection, even if it means starting small. This put my main brain into high gear for the balance of my run, thinking through how we collectively got into this mess, and how we can begin to climb out of it.

Twelve years ago, I was the technology head for a consumer credit bureau. Our data was obviously very sensitive, and, even at the time, heavily regulated. While protecting this data was a challenge, it was fairly easy compared to what organizations face today. I had little else to protect other than my consumer database. I knew exactly where the data was: replicated between two data centers, and on backup media at a secure storage facility. It was minimally accessible to the outside world. Even the data that was indirectly web-accessible resided in my facilities.

Read more at Computerworld