Like the decades before it, the start of the 21st century has seen exponential growth in data volumes and data repositories/platforms. As a result, bad actors have ratcheted up their illicit international efforts to access troves of valuable data. In turn, worldwide rules and regulations have proliferated and developed stricter protections as to personally identifiable information (‘PII’). Yet, as always, legal developments lag behind ‘in the trenches’ realities. In addition, not only data security technology but also related employee training are in a never-ending race to try and defend against the ever expanding universe of schemes deployed by hackers.
The two of us spend many of our waking hours focused on cyber security defence, and especially the ways that the triad of law, technology and employee-training intersect in that realm. This article addresses three of our expectations:
Originally published in the Cyber Security Practitioner (May 2017).