Dimitri Sirota, co-founder and CEO, BigID
Siri, Are You Listening? Overcollection of consumer data has been an issue for quite some time, but the introduction of smart home devices like Amazon’s Alexa and Google’s Nest have exponentially accelerated consumer data collection, much of which is superfluous and lacking in value. Large and small organizations alike are not taking the necessary steps to identify which data is sensitive and which should be deleted. By not making this distinction and just storing all the data they get, companies are exposing themselves to potential security and compliance risks. As rash, unnecessary and potentially invasive data collection becomes even more pervasive in devices across the home, I expect the public backlash to grow louder in the new year.

Richard Bird, chief customer information officer, Ping Identity
America Gets Serious About Federal Protections for Data and Digital Identity: The U.S. is one of the few remaining developed countries without a national data privacy standard, which is giving rise to a patchwork of state-based regulations that will likely prove to be harmful from both an economic and commercial perspective. It is even starting to raise concerns about national security and the protection of U.S. citizens in today’s deeply connected world. In 2020, we will likely see Congress step up to address data privacy at the federal level – and in the process work to protect more than just data, but also the digital identities of all Americans. We've already seen various business sectors race to develop the de facto "standards" for this critical aspect of modern day consumer privacy and security -- particularly financial services, healthcare and internet technology companies -- but in 2020 commercial interests may see their dreams pushed aside by lawmakers. Emboldened by rapid progress on data and security regulation, we will likely see the federal government take digital identity under its wing, in effect creating a robust set of consumer data protections.

Rajesh Ganesan, VP, ManageEngine
Privacy laws will result in increased focus on employee accountability. More countries are following the European Union's lead by implementing data protection laws similar to GDPR, such as the Thailand Personal Data Protection Act (PDPA) which goes into effect in May 2020. Under such scenarios, the role of Data Protection Officers (DPOs) assumes significance as they must work closely with the CIOs and tech teams to ensure that organizations comply with the law. With increased awareness of and emphasis on data protection, there will be an even greater focus on the handling of users' personal data and its security. Employees at all levels will be held accountable as organizations strive to meet compliance. Therefore, there will be a need for upskilling and education programs to handle this aspect. - Rajesh Ganesan, VP at ManageEngine

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.