National Cyber Security Alliance Reminds Organizations of All Sizes that “Privacy is Good for Business”

Washington, D.C. – In our ever-expanding digital world, American consumers are paying closer attention to the value of their personal information and how to protect and manage their privacy. To meet the needs and expectations of their customers, businesses must address their customers’ concerns about privacy and security by being transparent about the data they collect and use and what they are doing to protect it.

The National Cyber Security Alliance (NCSA), the nation’s leading non-profit promoting cybersecurity, is growing its STOP. THINK. CONNECT. campaign to include privacy awareness and education to better help consumers and businesses be thoughtful about the use and protection of data.

Data Privacy Day, held annually on January 28, is the signature event of NCSA’s privacy awareness campaign. The Theme for the Data Privacy Day is “Respecting Privacy, Safeguarding Data and Enabling Trust.” The day is dedicated to inspiring consumers to learn how to own their online presence and protect their personal information and to encouraging businesses to be open and honest about how they collect and use data.

According to 2014 NCSA survey, 74 percent of Americans feel that it is not easy to understand how their personal information is being used by reading the privacy statements or policies on websites and apps, which ultimately prevents them from taking steps to protect their personal information.1 Consumers are uninformed, in part, because they do not understand what data is being collected, how it is being used or with whom it is being shared and, therefore, do not know how to effectively manage their online activities. Since it is not readily apparent about how most companies collect and use information, businesses willing to make their data collection and use practices more accessible have a tremendous opportunity to build trust and confidence with their customers.

“Data Privacy Day and NCSA’s ongoing efforts are designed to raise awareness about the critical role that businesses play in the privacy landscape. Businesses should be aware that consumers are paying attention to their online privacy ‒ specifically how information is being used and how it’s protected,” said Michael Kaiser, NCSA’s Executive Director. “Establishing a culture of privacy awareness for your customers and employees builds trust between businesses and their customers. When organizations focus on good data stewardship by strengthening privacy and security practices, they build a safer, more trusted Internet for everyone.”

“With the rise of the digitized business, security needs to be a factor in everything we do, with an eye towards trustworthiness, transparency and accountability,” said Anthony Grieco, Senior Director of the Security and Trust Organization at Cisco. “All organizations must implement privacy and data protection practices as a critical component of a holistic IT security approach that includes trustworthy policies, processes, technology and people.”

“As a company dedicated to protecting data from exposure and misuse by cybercriminals, we share NCSA’s focus on empowering the public to enjoy their digital lives and their belief that security and privacy are inextricably linked,” said Andrew Lee, CEO of ESET North America and NCSA board member.

“The Better Business Bureau takes data privacy seriously. ‘Safeguard privacy’ is one of the eight BBB Standards for Trust that we require Accredited Business to practice, and that we advise for all businesses,” said Mary E. Power, president and CEO, Council of Better Business Bureaus. “The standard has three critical components: A business should collect only the customer data it needs; it should protect that information against mishandling and fraud; and it must respect customers’ preferences regarding the use of their information. Data Privacy Day is a good time to remind businesses that protecting their customers’ information is critical to building and maintaining trust.”

Consider taking the following Privacy is Good for Business actions to create a culture of privacy and security in your organization.

• If you collect it, protect it. Follow reasonable security measures to protect individuals’ personal information from inappropriate and unauthorized access.
• Be open and honest about how you collect, use and share consumers’ personal information. Clearly communicate your privacy practices and make consumers aware of any tools you offer to manage the use of their data.
• Don’t count on your privacy notice as your only tool to educate consumers about your data practices. Communicate clearly and often to the public about what privacy means to your organization and the steps you take to achieve and maintain privacy and security.
• Create a culture of privacy in your organization. Educate employees about their role in privacy, security and respecting and protecting the personal information of colleagues and customers.

Be Part of the Greater Campaign and Get Involved

NCSA encourages businesses and organizations to join STOP. THINK. CONNECT. and engage in the privacy awareness campaign. Our collective voice supports the shared mission and communicates the need for creating an Internet that respects and protects personal information. It’s easy to do and will help spread the word about the importance of protecting personal information and managing privacy. Encourage other organizations to protect personal online data by tweeting, “#Privacy is good #business. Check out these privacy tips for business: http://dprivacyd.info/1Cf1F6f”

Another great way for organizations and individuals to officially show support is to become a Data Privacy Day Champion. Champions represent those dedicated to respecting privacy, safeguarding data and enabling trust. Being a Champion is easy and does not require any financial support. Champions can include companies and organizations of all sizes; schools and school districts; colleges and universities; nonprofits; government organizations and individuals. For more information on how to become a Data Privacy Day 2016 Champion, visit https://www.stagestaysafe.wpengine.com/data-privacy-day/champions.

NCSA’s Recommended Privacy Resources for Business

The following is an assortment of business-focused privacy resources:

• Check out NCSA’s new “Privacy is Good for Business” infographic. http://dprivacyd.info/1mF680w
• Strong cybersecurity and privacy measures are essential to all businesses, regardless of size, to build and keep consumer trust. DHS’ Critical Infrastructure Cyber Community (C3) Voluntary Program has developed a Small and Midsize Business (SMB) Toolkit to help businesses understand the threat landscape and connect them with virtual, hands-on resources to enhance their cyber risk management practices. Specifically, the toolkit suggests top resources, which connects SMBs with industry and government-developed materials to enhance their privacy and data protection practices. Other content includes cybersecurity talking points and agendas for leadership discussions. Access the C3 Voluntary Program SMB Toolkit here: https://www.us-cert.gov/ccubedvp/getting-started-smb
• Visit trust.cisco.com for more information on Cisco’s Data Protection and Privacy Program.
• Can your employees catch a phish? Phishing is one of the main reasons companies get hacked. Visit http://protect.eset.com/esetsonit/ to take ESET/TODAY Show’s interactive quiz. The site also is full of engaging and useful information for both businesses and consumers.
• Visit http://go.bbb.org/data-privacy-day for the Better Business Bureau’s “Data Privacy Day Message for Business.”
• EDUCAUSE provides the higher education community with resources so that campuses can plan Data Privacy Day events and activities for students, faculty, and staff. In January and February, privacy-related guest blogs will be featured in the EDUCAUSE Review Security Matters column. www.educause.edu/dpd
• Does your company collect or use personal information? Make sure data is secure in every stage of its life cycle. To learn more, watch the FTC’s Start with Security videos, and order free copies of Start with Security: A Guide for Businesses.
• Privacy is young; some would say it is adolescent. But with adolescence come growing pains. We know that companies continue to struggle with where to sit privacy in the organization, how to integrate privacy into operations, how to ensure “privacy by design” or “privacy by default.” Who should the privacy officer report to? What should her title be? Should she focus on complying with laws or on strategizing data utilization? That’s why EY and the IAPP decided to join forces to uncover the common and leading practices in the field today in the IAPP-EY Annual Privacy Governance Report. https://iapp.org/resources/article/iapp-ey-annual-privacy-governance-report-2015-2

So that critical information about data protection is delivered to mainstream audiences, NSCA will co-host events with various groups both virtually and in several cities internationally. Business-focused events taking place to support Data Privacy Day are:

Data Privacy Day Events
#ChatSTC Twitter Chat: Privacy is Good for Business
Virtual (Twitter Chat)
Jan. 20, 2016 at 3 p.m. EST/noon PST
This chat will share tips on how businesses can be #PrivacyAware, better address consumer privacy concerns and practice data stewardship. Use #ChatSTC to join!

Mozilla and the Center for Democracy and Technology Event 
1776, 1133 15th Street NW, Washington, DC
Jan. 26 2016 at 6 p.m. EST
Join Mozilla and the Center for Democracy and Technology as they share strategies that startups can use to increase user trust and lower risk by making smart data decisions. Sign up to attend here:https://docs.google.com/a/staysafeonline.org/forms/d/1jBJpb3uW6v_7CQxJASE7hWvyoX3Sedsv89buYtS7sxQ/viewform

#ChatSTC Twitter Chat: Be #PrivacyAware This Data Privacy Day
Virtual (Twitter Chat)
Jan. 27, 2016 at 3 p.m. EST/noon PST
Join this #ChatSTC to get ready for Data Privacy Day. Get tips for protecting your personal information and owning your online presence, and learn how you can take action in support of the #PrivacyAware effort.

Privacy Ref Webinar
Virtual (Webinar)
Jan. 28 at 3 p.m. EST
Privacy Ref will share a presentation on “Kick-Starting a Privacy Program.” Privacy Ref will cover the 10 steps you can take to establish a strong privacy program. There will also be time for questions at the end of the presentation. Sign up here https://attendee.gotowebinar.com/rt/3615659697308280833

Data Privacy Day Launch – The State of Privacy
The Pew Charitable Trusts, 901 E Street NW, Americas Room, Washington, DC
Please note that the event will be available live online. Here is the link to register: dataprivacyday16.eventbrite.com
Jan. 28, 2016 from 10:30 a.m. – 2:00 p.m. EST
In 2015, there were pivotal changes regarding privacy in the U.S. and abroad. As the state of privacy continues to evolve rapidly, there is increased awareness and changing expectations from consumers and businesses. In honor of Data Privacy Day and in partnership with the Computers, Privacy and Data Protection Conference, NCSA will host leaders in data privacy from both sides of the Atlantic to initiate a practical and solutions-focused dialogue addressing the current and future state of privacy.

Registration and additional information here.

Data Privacy Day, Los Angeles
Morrison & Forester, 707 Wilshire Boulevard, Los Angeles, CA
Jan. 28 from 9:00 a.m. – 6:00 p.m. PST
Join Morrison & Foerster, the International Association of Privacy Professionals and the National Cyber Security Alliance for Data Privacy Day in Los Angeles. DPD Los Angeles will bring together privacy luminaries to discuss the fundamental issues facing businesses today. Privacy professionals will examine these questions and provide practical, actionable answers on many critical topics. For example, would you know how to detect a cyber intrusion? Listen and learn from a panel of IT professionals who can explain the anatomy of a hack in plain English. Have you practiced a tabletop exercise yet? Review the steps of an incident response plan with some of the most renowned cybersecurity experts in the industry. Finally, discover new updates in the cybersecurity regulatory landscape; learn how to deal with cloud providers; and identify how your privacy team can improve your company’s competitiveness. Registration is available here: http://www.mofo.com/resources/events/2016/01/160128privacyla

1 NCSA “Perceptions of Privacy Online and in the Digitally Connected World” survey. Heart+Mind Strategies conducted the national survey online with 1,000 U.S. adults ages 18 and up between December 27, 2013 – January 5, 2014. https://stagestaysafe.wpengine.com/download/datasets/12472/DPD%20Privacy%20Research%20Results%20Summary%20v3.pdf

About The National Cyber Security Alliance

The National Cyber Security Alliance (NCSA) is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with the U.S. Department of Homeland Security (DHS) and NCSA’s Board of Directors, which include representatives from ADP; AT&T; Bank of America; BlackBerry; Cisco; Comcast Corporation; ESET; Facebook; Google; Intel; Logical Operations; Microsoft; PayPal; PKWARE; RSA, the Security Division of EMC; Raytheon; Symantec; Verizon; and Visa. NCSA’ s core efforts include National Cyber Security Awareness Month (October), Data Privacy Day (January 28), and STOP. THINK. CONNECT., the global online safety awareness and education campaign led by NCSA and the Anti Phishing Working Group, with federal government leadership from DHS. For more information on NCSA, please visit stagestaysafe.wpengine.com/about-us/overview/.

About NCSA’s STOP. THINK. CONNECT. Privacy Awareness Campaign

The National Cyber Security Alliance’s (NCSA) privacy awareness campaign is an integral component of STOP. THINK. CONNECT. ‒ the global online safety, security and privacy campaign. Data Privacy Day is the signature event for the campaign and is officially organized by NCSA in North America. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Cisco, ESET and TRUSTe are Leading Sponsors of the 2016 privacy awareness campaign. Intel is a Contributing Sponsor. Lockheed Martin and Passcode are Participating Sponsors. Supporting Sponsors include CPDP2016, ExpressVPN, Mozilla, Privacy Ref, Privacy Salon, PRIVATIZE ME and PRIVATE WiFi. The hashtag for NCSA’s privacy campaign efforts is #PrivacyAware.

Media Contact:

Jessica Beffa
Thatcher+Co.
720-413-4938
ncsa@thatcherandco.com