In an era dominated by digital innovation, our digital footprints extend across countless devices and platforms, leaving a trail of our personal data everywhere. In this digital world, data is considered to be the most valuable asset compared to physical cash and service providers must work towards data protection and security. This underlines that cybersecurity/data privacy and its awareness are more important than ever. It’s crucial for both individuals and organizations to adopt robust strategies that protect data against external and internal threats.
Check out: Ncell starts Carrier Aggregation in Tri-bands for 4G
Growing threat of cybersecurity risks
Cyberattacks such as Phishing, Vishing, Qshing, malware, ransomware, social engineering, and data breaches are becoming more common and complex at the same time. These threats not only compromise personal/sensitive data but can also cause disruption to businesses, governments, and individuals. For individuals, it can result in financial loss, reputational damage, and even emotional distress. For businesses, the costs are even more alarming, including regulatory fines, financial loss, loss of customer trust, impact on the brand image and facing legal consequences.
Why cybersecurity and data privacy matter
Data is everywhere and the system in which the data resides must be very securely managed. Maintaining Confidentiality(C), Integrity (I) and Availability (A), in short CIA is the basic foundation in information security. On the flip side, data privacy violations expose individuals to the risk of having their personal information misused or sold without consent. While cybersecurity and data privacy serve different purposes, they are deeply interconnected, they go hand in hand. Cybersecurity measures protect the security of systems, networks, and data. Without strong cybersecurity, personal/sensitive data is vulnerable to exploitation. Conversely, data privacy ensures that personal data is collected and used ethically and securely, reducing the chances of that data being misused by malicious actors. In nutshell, maintaining CIA of Personally Identifiable Information (PII) is where Cyber Security and Data Privacy intersects.
Must read: Cybersecurity advisory issued for government employees
Context in Nepal
To strengthen the data security and data privacy, Nepal has published different byelaw and acts like Cyber Security Byelaws, Data Privacy Act 2018, but its really interesting to check how effectively are these laws regulated, implemented, measured and monitored. Still people in Nepal are easily giving their national ID, personally identifiable information (PII) without bothering its impacts, it shows the lack of awareness in these sensitive areas. It is really high time to be aware of the impacts of leaving the digital footprints, be it via social media or any digital platforms. It is important to be cautious about what we are sharing and with whom, in the cyber space. As public service delivery is also getting digitalized gradually, government websites, different applications and networks should be securely developed. Few hacks of websites, systems, digital wallets are already prevalent examples that show how much the necessity of security is required in Nepal.
Practical steps to safeguard both cybersecurity and data privacy
- Implement strong authentication methods: Multi-factor authentication (MFA) is a security feature that adds an extra layer of protection against unauthorized access to our personal and business accounts. Using strong complex passwords, changing it in periodic basic and ensuring MFA is enabled, across all accounts can significantly help to reduce the risk of data breaches.
- Limit social media presence: Lesser we post in social media, lesser is the chances of misuse of our personal data. Making our account private instead of public and sharing within only close private groups can reduce the chances of data being misused.
- Be transparent about data collection: Businesses should inform customers about the data they collect and use. Customers, in turn, should limit personal data that they share online, especially on social media platforms.
- Monitor and regularly update systems: Businesses or organizations should do routine security audits and software updates as they are vital for patching vulnerabilities and preventing cyberattacks. Implementation of automated tools can help monitor systems for unusual activity or unauthorized access. This should be defined in proper governing documents like policies, guidelines or procedures.
- Foster awareness and training: Organizations should educate employees/customers on best practices for cybersecurity and data privacy, including simulation of phishing attacks, cyber drills and on handling PII responsibly and measure its effectiveness as well. Customers, in turn, should be aware on their rights to know what and how their data are handled by organizations. For example, Ncell is also playing important role in raising awareness on these area via social medias, corporate websites.
- Not sharing passwords and one time password (OTP): Passwords are meant to be confidential; one should refrain from sharing the passwords and OTP to others. Unauthorized person can get reach to your financial account or personal account password through social engineering as well.
- Follow industry best practices: Following international standards such as ISO 27001 and ISO 27701 can be one of the ways to learn on how to safeguard systems and data, as they guide to follow the standard processes on securing the system and data. Ncell has recently achieved this certification, which shows Ncell is following internal best practices on securing their customers data. Check out: Ncell secures ISO 27001 and ISO 27701 certifications
- Educate children on cybersecurity and privacy: Parents should be aware of the importance of safeguarding data which they should teach their children as well. Children nowadays are more engaged in digital devices and platforms, which can take their personal data and your financial data example via different gaming apps. They should implement parental controls and educate their children about the impacts of the threats.
Do read: Ncell Integrated Data Center in Nakkhu
Conclusion: A shared responsibility for the digital future
As technology continues to evolve, individuals and organizations alike must take equal responsibility to safeguarding data. By fostering a culture of cybersecurity and privacy awareness and implementing privacy-conscious strategies, we can secure our digital future and build trust in an increasingly connected world. Different private and government organizations should proactively work towards raising awareness in people. Together we can prevent and safeguard the digital world.
Author: Suraj Rajak, Senior Engineer (Data Privacy & Cyber Security), Ncell
