DATA PRIVACY WEEK: Commentary from Director of Data Security

.

Greg Clark, Director of Product Management, Data Security, OpenText Cybersecurity says:
From the U.S. government's robust new cybersecurity executive order (which could or could not be implemented with a new administration) to HIPAA, GDPR and AI privacy policies, organisations are navigating increasingly stringent and complex rules that span industries and borders. These challenges can strain resources and create operational risks.
This Data Privacy Week underscores the urgency of embracing an organization-wide privacy-first approach to shift away from complexity, ensure compliance and protect data from persistent cyberattacks.
1. What all organisations can do: Adopt clear, company-wide policies that ensure the secure use and handling of information. This is crucial with the rapid adoption of GenAI tools. A recent OpenText survey found only 27% of employed respondents use privacy tools and settings to protect workplace information when using GenAI.
2. What data privacy and security teams should do: At a practitioner level, simplifying security stacks can help protect information by reducing fragmentation, improving cross-team communication, leveraging contextually relevant threat insights, and increasing transparency within data and other business systems. It also allows them to unify threat detection and response, data discovery and protection, modernising data privacy and strengthening privacy and security postures.
3. What employees should do: Individual employees play a critical role in protecting data. Phishing scams and insider threats are only getting more sophisticated. Whether a large enterprise or a small business, education and awareness across all departments need to be layered on top of AI-powered technologies that detect threats.
A privacy-first approach doesn't have to slow innovation. By streamlining security stacks and policies, organizations can move beyond complexity to unlock more efficient, integrated workflows.