Data Privacy Day: We live in a world where everything about us is data. While some information may be given willingly, other information is being captured invisibly. Consider a photograph, while you might be sharing an image of yourself, you’re also revealing more than just your winning smile.
An image’s metadata includes details about the camera, lens, and shooting settings, as well as information about the location and photographer. For a threat actor those details can build a different picture of you, one that can turn you into a victim.
If you want to protect yourself from hackers, then you have to be shrewd about the information you disclose. Think about who you are sharing your personal information with. Think about what information you are sharing. Think about where you are sharing that information.
Don’t invite strangers into your life by telling them all your intimate details on social channels. Think before you click. Anything that is public can be weaponised by malicious hackers.
Data Privacy Day: Organisations Face New Data Challenges in the Age of Generative AI
2025’s Data Privacy Day brings with it the sense of being at a crucial crossroads, particularly since Generative AI invaded our daily life.
For organisations, data is the essence of the company. It’s information about your customers, your employees, your intellectual property, your financial performance, and more. It’s the lifeblood that decisions are made on.
Data breaches can lead to mistrust and brand damage externally, while internally there is increased scrutiny from the board who are questioning the organisation’s security posture. If there’s not, there should be!
With data at the heart of everything, it would be amiss not to mention the potential disruption AI has introduced, adding another layer of risk. For organisations, controlling AI deployment usage while also identifying vulnerabilities within AI tools and AI development packages, is yet another headache for the security team to worry about.
On the flip side, harnessing the potential of AI to supercharge the way we utilise data can be monumental. For example, using AI to transform our approach to security by enabling faster analysis, decision-making and guidance, cutting through complexity to stay ahead of attackers.
We have seen malicious actors get increasingly aggressive with their threats. Ten years ago a ransomware attack was really obvious. Today these attacks are less obvious and can go undetected for a few weeks as threat actors look to obfuscate their presence.
Once they have extracted the information, it’s out of your control. However, while they’ve been creeping around, they could also have been laying incendiaries in case ransoms aren’t forthcoming, threatening to destroy the data which could leave your organisation unable to function. In addition, threat actors are starting to harness AI to write malware for ransomware attacks.
Every organisation must take action to protect the data it relies upon to function and that it’s trusted to protect. Know what is important, the attack paths that could be travelled should a threat actor gain access, then prioritise efforts to shut off these paths. It’s not rocket science but foundational security practices that will protect what matters most.
The author is Technical Director and Security Strategist at Tenable. Views are personal.
