COVID-19, the California Consumer Privacy Act (CCPA) coming into force, and the invalidation of the EU-US Privacy Shield already made 2020 an especially active year for privacy and data security risks and obligations. Rounding out the year, December then brought discovery of the unprecedented Solarwinds cyberattack affecting government agencies, critical infrastructure entities and others.
Thus, looking ahead, organizations must keep up with the dynamic and increasing legal obligations governing privacy and data security, understand how they apply, monitor risks and attack trends, and manage their compliance to minimize exposure.
