With the new year, there is a lot to be excited and concerned about in the area of cybersecurity and data privacy. This article identifies some key issues that should be top of mind in this area and thoughts on how they may affect the retail sector this year.
Increasing Cybersecurity Incidents
In 2023, businesses should be aware of the continued rise in the frequency and severity of cybersecurity incidents. While some threat actors are engaged in other activities, the value of cybersecurity breaches continues to attract new participants. Notably, state-sponsored activities from countries like Iran and China are targeting critical infrastructure and commerce. Additionally, ransomware tactics are evolving, with an increase in data theft and deletion without traditional encryption methods.
In 2023, the California Privacy Rights Act (CPRA) takes effect, enhancing privacy protections for California residents. This regulation is part of a broader trend, with similar laws enacted in states like Utah, Colorado, and Virginia. These regulations require businesses to disclose data collection practices and grant consumers rights regarding their personal information. As the regulatory landscape becomes more complex, businesses must adapt to comply with these evolving requirements to avoid potential fines and enforcement actions.
Cyber Insurance Challenges
Businesses are encountering rising cyber insurance rates and increased scrutiny from insurers. As the costs associated with cybersecurity incidents grow, insurance companies are requiring businesses to actively address cybersecurity risks before policies can be obtained. This includes implementing basic controls like multi-factor authentication. Additionally, businesses must continuously monitor their activities and update their insurance disclosures to avoid potential coverage denials.
Sign in with LinkedIn