3 ways the face of cybersecurity changed forever in 2018

Cyber security headlines fill our news feeds as the struggle between those who work to protect online data and those who would use that data for nefarious purposes continues. This year, we witnessed and lived through three particularly powerful historical impacts which are sure to have changed cybersecurity for years to come. What exactly happened and — and what can we expect to see as a result?

1. Cambridge Analytica: This political consulting firm based in the UK used data for strategic consulting. Earlier this year, they were accused of gathering personal information from over 50 million Facebook profiles to manipulate elections. We all cared about this breach because we could see, even feel, its impact as we realized that they manipulated us during elections.

Other hacks and breaches (including the September Facebook hack) faded from the public’s eye fairly quickly because privacy issues are abstract for most people. Would Cambridge Analytica’s incident be any different? Not really. What we’ve learned is that the latest data breach will grab the headlines – but only for a time.

Instead, people move on, perhaps assuming something will change. But changes don’t necessarily happen, even after such catastrophes. A brand braces for impact (corporations seem to recover while small businesses collapse under the costs). But unfortunately, consumers seem to have become complacent, reacting briefly with outrage before moving along with their lives: another breach, another day.

Don’t become complacent. You have to be your own privacy advocate. OpenVPN’s CEO Francis Dinha wrote, “The privacy issues around the Cambridge Analytica data breach are obvious and should serve as a cautionary reminder for everyone who uses the internet. All consumers must remember that nothing in life is free. Which platforms are taking your data and selling it? All of them.”

2. GDPR: European lawmakers attempted to support consumers by setting up regulations that gave individuals the ability to request from corporations their personal data collected and delete it. Unfortunately, they also gave hackers a new back door. “It’s a scary thought, but bad actors now have another means to steal your identity,” Dinha wrote. Hackers could pose as individuals and request a file of personal data. If organizations aren’t responsibly handling requests, it could require messy identity theft clean up — and that only If an individual is tracking their information closely enough to notice.

“These aren’t just potential threats,” wrote Dinha. “I’ve already seen an increase in emails to my own organization requesting information required by the GDPR. Our organization is vetting those requests very carefully, and I believe we’re already seeing scammers try to take advantage.”

3. Net neutrality repealed: In June, the FCC rolled back net neutrality. Without these regulations, individuals and businesses have no protection against corporations throttling data usage and data mining with unrestricted access. The only way to stay totally private? Never get online! Certainly, this isn’t a realistic option for the majority. Instead, as previously mentioned, you have to be your own privacy advocate — and advocate aggressively! Encrypt your data by using a VPN. Assume that anything you share online could be shared with the world. For business leaders, Dinha advises that they start by “rethinking how they store their data and begin to move to using the private cloud and private networks for collaboration.”

The best course of action for businesses, following these three historical events, is transparency. Be clear and upfront with customers about what kind of data you’re collecting, who else can or will see it, and what you’re doing with it. Trust is vital.