Identity, Data Privacy, and Breach Protocol:the IDG TECH Talk 03/29/2018

IDG TECH Talk

I was privileged and thrilled to be personally invited to join in the IDG TECH Talk for March 29, 2018. Through this Twitter chat, hosted by the major technology publication, I got the opportunity to chat with experts in the cybersecurity, technology, and identity industries about the recurring troubles in the digital realm: who is ultimately responsible for a data breach involving multiple parties (as in the Facebook incident), what responsibilities do users have in protecting their identities, and how enterprises should alert their users in the case of a breach.

It would take a few articles to even scratch the surface of our conversation, so I encourage our readers to check out the IDG TECH Talk (under the hashtag #IDGTECHTalk) and read through all the side debates and questions themselves. However, we wanted to give you a sampling of what was covered and what we learned:

  • While there is a consensus among cybersecurity experts that enterprises should alert their users as quickly as possible in the event of a data breach, the method of how to alert users is a matter of some debate. Most digital communication carries the possibility of encouraging a spear-phishing campaign, and snail mail is often ignored.
  • Even experts aren’t sure if the Facebook incident counts as a data breach in the traditional sense of the word—there is too much debate on what users’ should expect from a “free” service and what should or should not be buried in user consent forms. No one is sure if this will even result in real changes in either Facebook’s or users’ behavior.
  • While some industries, such as banking institutions and healthcare, are perhaps more at risk than others—and any enterprise without a cybersecurity policy can be vulnerable—the experts agree: everyone is at risk for a data breach. The real question is who isn’t vulnerable.

Thanks again to IDG TECH for the invite, to Kathy White for moderating, and to all the experts I met in the chat for their expertise!

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner