The pandemic practically forced companies to migrate online, so there wasn't enough time for most to prioritize data protection. The LGPD (Brazilian General Data Protection Law) arrived in the midst of this scenario, and the world's attention turned to privacy issues, generating a race against time for security.
The Regional Center for Studies on the Development of the Information Society (Cetic) conducted a survey that showed that only 4 out of 10 companies take steps to... data protection.
The study, which surveyed more than 4 business owners between August 2021 and April 2022, also showed that, although the number of companies seeking greater protection is still low, Protective measures against data breaches have increased considerably by 42% since 2020.
Hacker attacks also increased.
In the first half of this year, the hacker attacks These incidents increased by approximately 10% compared to last year, highlighting the need for companies to take stricter measures to protect their systems.
An interesting finding from the research is that the sectors investing most in data protection are the information, technology, and communication sectors, with an average of 50% of companies adopting preventative measures. The logistics and commerce sectors follow with averages of 43% and 38%, respectively.
Among the sectors that pay the least attention to prevention practices are industries and accommodation and food service companies, which appear as only 18% of those interviewed.
Furthermore, only 30% of companies conduct regular training aimed at creating a culture that prioritizes data protection.
How can companies proceed?
In an interview with Canaltech, Luis Santos de Azevedo, IT manager at Uze, a company focused on credit solutions for retail, highlighted the importance of creating a data protection culture in companies: “In today's digital environment, the most important form of prevention is raising awareness among employees, who are on the front lines, handling personal data in their daily work routines. We need to address this issue, understanding that it's part of the routine. We are the weakest link and the most vulnerable target. It is fundamentally important that companies pay attention to people, and not just to processes and technologies. This is the first pillar for achieving success when it comes to security.”
It is also essential that companies create ways to map the data flows in their systems, because what is not measured cannot be evaluated, and furthermore it is important that they also invest in systems that assist in the process of adapting and managing this data.
And finally, every company needs one. data protection officer to manage tasks related to compliance and thus help create greater awareness within the company about the need for proper handling of this data, where, in the end, everyone wins.
