Given the current economic times and the heavy influx of security breaches nationwide, which Cybersecurity companies are poised to capitalize on the ever growing threat against data privacy. Do you think companies will be looking to do cybersecurity audits more frequently in the future?
Hi Jake - great questions. Data privacy laws absolutely are impacting the cybersecurity field. Security is one part of the larger "trust ecosystem" comprised of security, privacy, identity, and compliance teams.
Back in Nov 2019, we created Data Privacy software categories on G2.com to address this growing field (https://www.g2.com/categories/data-privacy-3d79da1e-6384-42b3-a11f-d04b6694e806) which include:
-Data Privacy Management Software
-Privacy Impact Assessment (PIA) Software
-Data Breach Notification Software
-Sensitive Data Discovery Software
-Data De-identification/Pseudonymity Software
-Data Subject Access Request (DSAR) Software
-Consent Management Platform (CMP) Software
-Cookie and Website Tracker Scanning Software
-Identity Verification Software
-Privacy Policy Generator Software
-Other Privacy Software
One of the most important aspects of meeting data privacy regulation requirements is properly storing personally identifiable information (PII) -- which includes knowing where it is stored, who has access to it (both internal teams and 3rd parties), where it is stored geographically, data transfers that happen, if it is encrypted, masked, or de-identified (pseudonymized). Using Privacy Impact Assessment (PIA) software enables companies to evaluate, assess, track, and report on the privacy implications of their data.
Secondly, it is important to be able to access that data when fulfilling a user's request to access, port, or delete the PII a company holds on them (this is called a data subject request or a consumer request <--depends on which privacy jurisdiction we're talking about). So, locating that data within the legally mandated timeframes (30 days for the GDPR and 45 for the CCPA).
Considering that data privacy regulations have enforcement mechanisms (fines) on top of brand reputational damage when dealing with data breaches or data loss -- I definitely see this area expanding in the near future and taking cybersecurity right along with it.
Thank you for your thorough response, sounds like you have some experience in the security industry. Considering the shortage of IT security workers I am glad to see that regulation has bolstered expansion of the field and more awareness across the board. As you had mentioned G2 only recently (Nov. 2019) added these types of businesses/products which I think is a testament to the continued emergence of cybersecurity related products/services.
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.