An organization can have security without privacy, but not privacy without security. Understanding and awareness of the nuanced ways security and privacy can be managed separately or as a dovetailed approach toward comprehensive risk management for an organization, and for the organizations’ end-users, patients or clients, is a critical step in achieving success. Information security and cybersecurity practices have traditionally been apportioned higher levels of resource and funding allocation within organizations, as well as commanding greater executive attention. However, recognition and appreciation for the protections of the data and information within the systems and networks have increasingly risen in the last several years. Administering and maintaining privacy of the data within the secure systems is now part of a contemporary holistic strategy which is deserving of evaluation and analysis to provide risk-informed decision-making. This increased awareness includes an elevated need to consider the implications of data privacy.
Information privacy or data privacy considers the risk to the individual from whom information is collected, processed, stored, transferred or disposed on identified information system utilized for streamlining business processes. The classification of data collected in addition to the relevant industry scope will implicate legislative requirements and industry standards for organizations to consider for compliance. Implicated privacy risk is best considered as relevant to security risk to the systems and network, for comprehensive risk management. The National Cyber Security Alliance (NCSA) leads Data Privacy Day in the United States and Canada to encourage greater privacy awareness and education, as part of the greater “STOP. THINK. CONNECT. ™ ‒ the global online safety, security and privacy campaign.”[1]
Kuma is proud to be a 2018 Data Privacy Day Champion, and to sponsor an International Association of Privacy Professionals Privacy After Hours event in Columbia, South Carolina in celebration of Data Privacy Day. We are looking forward to participating in South Carolina’s Data Privacy Day Seminar on January 30th, held at the South Carolina Department of Archives and History’s Auditorium. We are happy to host the Privacy After Hours event following the Seminar, to facilitate the gathering of privacy professionals as well as those supporting privacy-aware communities throughout the Columbia-area to gather, network and celebrate Data Privacy Day with one another at Main Street Public House.
Kuma is a privacy and security consulting company. We pride ourselves on being a small business and staffing each project with senior-level resources, whom have over 15 years of security and privacy experience, to every client engagement. Kuma has successfully delivered projects across numerous clients in the federal, state and local, and commercial sectors and maintains strong relationships across the privacy and security market to best position organizations of all size and maturity for success. We leverage our deep experience and knowledge to bring a non-invasive, light-touch to every client engagement that is always grounded in national security and privacy standards. Our staff supports organizational navigation of complex business drivers, technology controls and policy implementations to produce outcomes that matter. Kuma enables the ability to make risk-informed decisions while simultaneously maturing organizational security and privacy postures. Please check us out at www.kuma.pro or contact us with questions at info@kuma.pro.
[1] https://staysafeonline.org/data-privacy-day/about/
