January 1, 2020, kicked off the enforcement of the California Consumer Privacy Act (CCPA). And while CCPA and a growing list of other regulations ensure data security is top-of-mind for enterprises doing business in California and worldwide, data breaches occur regularly around the globe.
For example, earlier this year more than 1,000 notable figures in the UK had their home and work addresses posted on a government website. The posting intended to simply highlight people on a New Year’s Honors list. Instead, sensitive personal information was made public for about an hour.
Regulations are key to driving good security behavior and enterprises are starting to make data security a priority, which is great and must continue. Maintaining the privacy of personal data is a legal matter, taken seriously by many countries and regions. BUT, experience tells us regulations alone won’t stem the tide of data breaches and we are likely going to continue to see breaches like the UK example above, even with robust legislation like CCPA or GDPR.
So…what can be done?