Tag: Strategy

Cyber (In)Securities – Issue 123

Information Security News:

Federal Judge Tightens DOGE Leash Over Critical Treasury Payment System Access
The Register, by Brandon Vigliarolo and Jessica Lyon
A federal judge has mandated stricter regulatory oversight on the integration of Dogecoin (DOGE) within the U.S. Treasury’s critical payment systems, following concerns about the 

Cyber (In)Securities – Issue 122

Information Security News:

TSA’s Airport Facial-Recog Tech Faces Audit Probe
The Register, by Brandon Vigliarolo
The U.S. Transportation Security Administration’s (TSA) facial recognition program is under audit by the Government Accountability Office (GAO) due to concerns over privacy, data security, and potential biases. The audit will assess 

Beyond Data Protection Day: Safeguarding Our Digital Lives Every Day

January 28th was Data Protection Day—a global reminder that privacy isn’t just a legal formality or an operational headache. It’s a fundamental pillar of trust.

If your business handles client or customer data (and let’s be honest, that includes almost every business these days), you have a responsibility to protect it.

Yet, too many still see data privacy as an afterthought—something to think about only when a breach happens, only when the regulators come knocking, only when customers start asking questions.

The truth is: Privacy isn’t just about compliance—it’s about competitive advantage. Businesses that prioritise privacy build stronger relationships, enhance loyalty, and set themselves apart in a world where trust is the ultimate currency.

And it’s not just about business. It’s about people.

Why Everyday Privacy Protections Matter

Data protection is about more than preventing hacks and avoiding fines. It’s about protecting individuals from real harm.

Every time a company stores, tracks, or shares data without robust protections, it’s not just putting its reputation at risk—it’s potentially putting someone’s safety at risk.

Technology-Facilitated Domestic Violence (TFDV) is a stark example. Privacy failures, weak security policies, and a lack of user control can unintentionally enable abusers. From tracking location data to exploiting weak authentication measures, poorly designed systems can become tools of control and coercion.

Think about it:

  • Spyware installed on a victim’s phone, allowing an abuser to read messages, track location, and eavesdrop on calls.
  • Financial coercion, where joint accounts allow one party to drain funds or monitor transactions without the other’s knowledge.
  • Smart home systems used to harass—turning off heating, unlocking doors remotely, or surveilling through security cameras.
  • AI-generated deepfakes and non-consensual image abuse used to threaten or manipulate victims.

These technologies weren’t designed for abuse. But because risk and compliance teams didn’t anticipate these threats, they have become tools of control. This is why businesses must think beyond compliance checklists.

Four Ways to Embed Everyday Privacy Protections

So what can businesses do—not just on Data Protection Day, but every day?

1. Make Data Governance & Consent Meaningful

Data privacy should be proactive, not reactive. Make explicit consent mandatory for all data sharing, and ensure customers can easily control and revoke access to their data.

2. Think Beyond Borders

TFDV and privacy concerns don’t stop at jurisdictional lines. If your business operates across regions, privacy protections should travel with the individual, not reset when they cross a border.

3. Monitor for Coercion, Not Just Cyberattacks

Cyber teams already track fraudulent logins and suspicious activity. Why not apply the same vigilance to patterns of coercion—such as repeated password resets, changes in account access, or unusual tracking permissions?

4. Go Beyond Regulatory Compliance—Embed Ethical Privacy Safeguards

The real question isn’t “Are we compliant?”—it’s “Are we building safe, privacy-conscious systems?” Companies that lead with ethical privacy protections will be the ones customers trust the most.

The Real Cost of Ignoring Privacy

Some businesses still resist strengthening privacy protections because it feels too complicated or too expensive.

But let’s be clear: The real cost of inaction isn’t a fine. It’s the loss of trust.

  • When businesses fail to protect privacy, customers leave.
  • When privacy isn’t prioritised, vulnerable people suffer.
  • When compliance is treated as an inconvenience, regulators step in aggressively.

A Final Thought

If your business had the power to prevent even one person from experiencing digital abuse, would you take that opportunity?

Because you do. Right now.

Every system you build, every policy you create, every decision you make about who gets access to what data has real-world consequences.

Data Protection Day shouldn’t be the only time we talk about this.
It’s an everyday imperative.

So, let’s move beyond just checking the box—let’s make privacy protection a competitive edge, an ethical responsibility, and a commitment to trust that lasts long after January 28th.

Read the original post on LinkedIn:
🔗 Original Post by Kim Chandler McDonald

Connect with the author on LinkedIn:
🔗 Kim Chandler McDonald

Cyber (In)Securities – Issue 119

Information Security News:

Google Cloud Links Poor Credentials to Nearly Half of All Cloud-Based Attacks
By Matt Kapko, Cybersecurity Dive
Google Cloud has reported that nearly half of all cloud-based cyberattacks can be traced back to weak or compromised credentials. Attackers frequently exploit poor password hygiene 

Welcome New Member – Dale Connell from Trinidad!

Please welcome our newest member from Trinidad, Dale Connell! Dale Connell is a seasoned Cyber Risk and Technology Lead within Deloitte’s Consulting service line at the Trinidad and Tobago office. With extensive expertise in information security strategy and implementation, Dale supports organizations across various industries 

Welcome new member – Fatema Fardan

Please welcome our newest CyAN member, Fatema Fardan, from Bahrain.

Fatema Fardan is a passionate and experienced Cyber, Digital, and Information Security professional with over 16 years of expertise in the financial and banking industries. She has successfully managed and delivered enterprise-level projects, including Information Security Strategy Design, Security Process Framework and Policy Development aligned with industry standards, Information Security Awareness Programs, Risk Assessments, and the implementation of IT and Security Systems tailored to organizational needs.

Fatema holds a Bachelor’s degree in Business Information Systems from the University of Bahrain (UOB) and combines her technical expertise with globally recognized certifications, including Certified Account Technician (CAT) from ACCA, Certified Information Security Manager (CISM) from ISACA, FinTech certification from Georgetown University’s McDonough School of Business, Project Management Professional (PMP) from PMI, and Cybersecurity Third-Party Risk Management (CTPRM). Currently, she is pursuing a Master’s degree in Cybersecurity with the University of London, supported by Royal Holloway University, reflecting her dedication to continuous learning and professional growth.

Fatema is an active contributor to the cybersecurity and local community, participating in initiatives such as inJAz and QUDWA, and is a strong advocate for women’s empowerment in technology, particularly in cybersecurity. As a member of Women in Cybersecurity Middle East (WiCSME), she mentors and inspires young women to pursue careers in the field. Her unique blend of technical knowledge, financial acumen, and project management expertise, along with her commitment to fostering diversity and inclusion, positions her as a distinguished leader and role model in cybersecurity.

We are thrilled to have Fatema join CyAN and look forward to her contributions!


Please join us in welcoming Fatema Fardan to our network!

Welcome New Member – William Rivera

Please welcome our newest CyAN member, Will Rivera, from the United States! Will Rivera is a seasoned leader with over 17 years of experience in advocacy and mission-driven organizations. As Managing Director at MyOwn Image, he drives nationwide efforts to combat technology-facilitated violence and promote 

Streamlining Operations: The Efficiency Gains from Cybersecurity

In the previous parts of our series, “Cybersecurity: The Unsung Hero of Revenue Protection,” we’ve looked at cybersecurity as a strategic business asset, the financial implications of cyber threats, and its crucial role in fostering customer trust. This fourth instalment examines another crucial aspect of 

Understanding the Cost of Cyber Threats

In an ever-evolving digital landscape, the rise of cyber threats has made cybersecurity a top priority for businesses worldwide. Historically, cybersecurity has been seen as a shield—a defensive mechanism to ward off attackers and protect our sensitive data. However, in this increasingly interconnected world, it’s high time we start recognising cybersecurity as more than just a defence system. It is, in fact, a strategic business asset and a powerful enabler for growth and innovation.

Part 2: The True Cost of Cyber Threats

Cyber threats, if not adequately mitigated, can lead to substantial financial implications. However, the cost of these threats goes far beyond the immediate, direct losses.

Direct Costs

Direct costs are the immediate financial losses that occur as a result of a cyber attack. These can include theft of financial data, ransoms paid to unlock encrypted files in a ransomware attack, or fraudulent transactions made using stolen data. Furthermore, once an attack has been identified, businesses often face significant expenses associated with incident response, which can include the cost of investigating the breach, closing security gaps, and recovering lost data.

Indirect Costs

Beyond the immediate financial losses, companies also face substantial indirect costs in the aftermath of a cyber attack. These can often exceed the direct costs and have long-lasting impacts. They include:

  • Reputation damage: Post-breach, organisations often face a loss of reputation. This reputational damage can have long-term effects on customer trust and business relationships, leading to decreased revenue.
  • Loss of business: If a breach results in service downtime or loss of critical data, companies may lose business during the recovery period. Additionally, potential and existing customers may choose competitors perceived as more secure, leading to further loss of business.
  • Regulatory fines and lawsuits: Companies may also face legal penalties if the breach resulted from non-compliance with data protection regulations. Customers or employees may also initiate lawsuits, resulting in additional legal costs and settlements.
  • Increased insurance premiums: Post-incident, businesses may face higher premiums for cyber insurance.

Understanding these costs is critical to recognising the importance of proactive cybersecurity measures and investing in them accordingly.

The Value of Investing in Cybersecurity

Considering the significant direct and indirect costs of cyber threats, an investment in cybersecurity becomes not just a measure to protect the business but also a strategy to preserve and enhance its financial health.

Prevention of Financial Losses

A robust cybersecurity framework can help prevent financial losses by averting potential cyber attacks. This protection goes beyond securing digital assets; it also involves safeguarding the company’s reputation, customer relationships, and market position, which can have a significant impact on revenue.

Maintaining Operational Continuity

Cyber attacks often result in service disruption, which can lead to immediate revenue losses and long-term customer attrition. Investment in cybersecurity ensures the continuity of operations, thus maintaining revenue streams and customer trust.

Avoiding Regulatory Penalties

Investing in cybersecurity also helps companies comply with data protection regulations, thus avoiding the hefty fines associated with non-compliance. This is particularly relevant in sectors with strict regulations such as healthcare, finance, and others handling sensitive data.

Enhancing Customer Trust and Brand Reputation

A strong cybersecurity posture can enhance a company’s reputation, thereby attracting and retaining customers. In today’s digital age, consumers are more conscious about data privacy and are likely to favour companies that prioritise security.

Case Study: The High Price of Inadequate Cybersecurity

To illustrate the power of cybersecurity as a business strategy, let’s look at the example of a leading e-commerce company. As an online marketplace that handles millions of transactions daily, it realised the potential of cybersecurity as a competitive advantage early on.

The company started by implementing robust cybersecurity measures, securing their customers’ sensitive information, and ensuring uninterrupted service delivery. This proactive approach to cybersecurity not only protected them from potential threats but also improved their reputation in the market, leading to increased customer trust.

The company went further by using their cybersecurity capabilities as a selling point. They highlighted their security measures in their marketing strategy, reassuring customers that their data and transactions were safe with them. This approach differentiated them in the competitive e-commerce market and attracted a considerable customer base that valued data privacy and security. As a result, they saw an increased customer retention rate and a significant boost in their revenues.

This case serves as a strong example of how a company can use cybersecurity as a business strategy to safeguard its interests, differentiate itself from competitors, and drive growth.

In conclusion, reframing cybersecurity as a strategic business asset rather than a mere defense mechanism allows us to harness its full potential. It enables us to look at cybersecurity in a new light, where it becomes a driver of innovation, a facilitator of growth, and an integral part of business strategy. This shift in perspective is the first step towards turning cybersecurity into a powerful business enabler.

Stay tuned for the next part of this series where we’ll delve into the cost of cyber threats and discuss how a robust cybersecurity framework can shield your business from potential losses.

Cybersecurity: The Unsung Hero of Revenue Protection

Part 1: Reframing Cybersecurity: From Defence to Business Strategy

In an ever-evolving digital landscape, the rise of cyber threats has made cybersecurity a top priority for businesses worldwide. Historically, cybersecurity has been seen as a shield—a defensive mechanism to ward off attackers and protect our