The Ninja Sensei’s Logbook: What the biggest 2022 data breach cases can teach us

There’s a lot for us to unpack and take note of from the biggest 2022 data breach cases of the PDPC. As we move forward to data protection compliance this 2023, we must take what we can get as these will serve as a guide for us not to make the same mistake as other organisations have made.

What the biggest 2022 data breach cases have taught us

✅ Human errors in the workplace are frequent. And most of the time, the organisation suffers from them. With employees being the weakest link to an organisation’s cybersecurity, proper training for them is the best way to make them aware of the bad actors phishing them and their consequences.

✅ Use strong, unique passwords and enable two-factor authentication when this option is available. As much as possible, there must be laid out processes to ensure that every employee within the organisation follows this requirement.

✅ The more sensitive the data that the organisation manages, the more careful they must be. When it comes to a data breach in Singapore, it could also mean a much higher financial penalty. This also applies to the number of personal data that was affected. The higher the number, the highest the financial penalty to be imposed.

✅ There is no one size fits all approach when it comes to cybersecurity. Regardless of the number of security arrangements in place, if it does not cover an area that also needs protection, a breach could still occur unexpectedly.

✅ When engaging a vendor, make sure that you specify the vendor’s data protection obligation in writing, or else its mishap will be your organisation’s demise.

These lessons are just some of the things that organisations should remember to ensure compliance with the PDPA.

As always, caution must be observed at all times, especially since bad actors are getting more sophisticated with their tactics to infiltrate your organisation.

With this said, organisations alike must see to it that they have been proactive in ensuring a healthy posture of their cybersecurity to block any instances of a successful breach, especially when it comes to their employees.

P.S. Got questions or do you need help with your cybersecurity and data protection compliance journey? Don’t hesitate to reach out to your friendly cybersecurity and data protection experts at Privacy Ninja. We are always a text/call or email away!

📱 WhatsApp: +65 8750 4250

📧 email: ninjas@privacy.com.sg

This post first appeared on Andy’s LinkedIn wall. Follow us on the following pages for more updates! Facebook | Twitter | LinkedIn | YouTube | Website