Tsaaro Weekly Privacy Newsletter
11th March, 2022
Tsaaro Weekly Privacy Newsletter
11th Mar, 2022

In the age of Hybrid and Remote workspaces, is your data safe?

In an early 2021 survey by Gartner, it was predicted that about 51 percent of all knowledge workers across the world are expected to be working remotely by the end of 2021. As a part of the survey, it was anticipated that the United States will lead in terms of remote workers in 2022, accounting for 53 percent of the US workforce. In Europe and the UK, remote workers will represent 52 percent of its workforce in 2022.

The growing shift towards hybrid and remote working suggested that by 2024, organizations will be forced to bring forward digital business transformation plans by at least five years. Those plans will have to adapt to a post-COVID-19 world that involves permanently higher adoption of remote work and digital touchpoints.

For multinational enterprises that wish to win and keep their consumers’ trust, data privacy is a commercial need. It’s no secret that the global community is working hard to achieve this goal, as demonstrated by the rising number of data privacy legislation, necessitating the development of a solid technological backbone for efficient enforcement and supervision.

The ever-changing landscape motivates businesses to align technology forward towards a safer world, where global citizens’ data privacy may be protected.

Globally, 16% of companies are fully remote according to an Owl labs study. This same study found that about 62% of workers aged 22 to 65 claim to work remotely at least occasionally. As we continue to navigate the unpredictability, it’s critical to plan ahead and design solutions and measures your company can take to guarantee you’re prepared for times when data security is at risk. 

Do you have the greatest infrastructure to mitigate data privacy risk and combat future cyberattacks, and are you doing everything you can to educate your workforce on safe data sharing practices? Remote working isn’t going away anytime soon, so it’s up to us to remain ahead of the curve and have the tools and policies in place to keep our data safe and secure.


Take the necessary steps to safeguard your organization as a DPO, read more to know how you can do it.

Major Privacy Updates of the Week

Samsung becomes a victim of hacking group Lapsus$.

Another tech giant falls into the prey of Lapsus$ after ransomware hit. Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” the company said. Lapsus$ claimed it had stolen 190GB of confidential data, including source code from Samsung, and has posted the same along with a snapshot on their telegram channel.

Read More

Samsung becomes a victim of hacking group Lapsus$.

Another tech giant falls into the prey of Lapsus$ after ransomware hit. Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” the company said. Lapsus$ claimed it had stolen 190GB of confidential data, including source code from Samsung, and has posted the same along with a snapshot on their telegram channel.

Read More

A serious threat to critical infrastructure after vulnerabilities, found in APC Smart-UPS products.

Uninterruptible power supply (UPS) products made by Schneider Electric subsidiary APC are affected by critical vulnerabilities that can be exploited to remotely hack and damage devices, according to enterprise device security company Armis.  Armis researchers have identified three vulnerabilities in APC Smart-UPS devices, which they collectively named TLStorm. Armis researchers have analyzed the communications between the APC Smart-UPS devices and their remote management services and discovered vulnerabilities in the TLS implementation and a design flaw related to firmware upgrades.

Read more

A serious threat to critical infrastructure after vulnerabilities, found in APC Smart-UPS products.

Uninterruptible power supply (UPS) products made by Schneider Electric subsidiary APC are affected by critical vulnerabilities that can be exploited to remotely hack and damage devices, according to enterprise device security company Armis.  Armis researchers have identified three vulnerabilities in APC Smart-UPS devices, which they collectively named TLStorm. Armis researchers have analyzed the communications between the APC Smart-UPS devices and their remote management services and discovered vulnerabilities in the TLS implementation and a design flaw related to firmware upgrades.

Read more

Google to acquire Cybersecurity firm Mandiant for 5.4 Billion deal.

Google agreed to acquire cybersecurity company Mandiant for $5.4 billion, its second-biggest deal ever. With Mandiant, Alphabet’s Google gets more tools to protect its cloud clients by responding quickly to online threats. The company is working to recruit and support cloud customers amid stiff competition from Microsoft and Amazon.com. In a Google Cloud statement, the company said that organizations are facing ever-increasing cybersecurity challenges. Mandiant was pivotal in discovering the SolarWind supply chain attack. The attack is attributed to the Russia-linked APT29 cyber espionage group also known as Cozy Bear.

Read more

Google to acquire Cybersecurity firm Mandiant for 5.4 Billion deal.

Google agreed to acquire cybersecurity company Mandiant for $5.4 billion, its second-biggest deal ever. With Mandiant, Alphabet’s Google gets more tools to protect its cloud clients by responding quickly to online threats. The company is working to recruit and support cloud customers amid stiff competition from Microsoft and Amazon.com. In a Google Cloud statement, the company said that organizations are facing ever-increasing cybersecurity challenges. Mandiant was pivotal in discovering the SolarWind supply chain attack. The attack is attributed to the Russia-linked APT29 cyber espionage group also known as Cozy Bear.

Read more

The European Commission proposes to new Data Act.

As part of broader proposals for a new Data Act, the European Commission has proposed new restrictions on who can use and access data collected in the EU across all economic sectors. The proposal marks a significant shift in the EU’s approach to the data economy. It aims to challenge the constitution of data monopolies across various sectors, by reshaping existing power structures that favour large data incumbents and moving to solidify data as a non-rival good.

Read more

The European Commission proposes to new Data Act.

As part of broader proposals for a new Data Act, the European Commission has proposed new restrictions on who can use and access data collected in the EU across all economic sectors. The proposal marks a significant shift in the EU’s approach to the data economy. It aims to challenge the constitution of data monopolies across various sectors, by reshaping existing power structures that favour large data incumbents and moving to solidify data as a non-rival good.

Read more

Global IT companies raised concern over India’s Data Protection Bill.

Global technology groupings have come together to express their “strong concern” over the recommendations of a Joint Committee of Parliament on the data protection Bill. The recommendations “run counter to global standards” for data protection and competition, the associations said whose members are global IT companies. They added many of our joint member companies in India and from across the globe will be significantly impacted by the report. To ensure the success of India’s first comprehensive data protection law, we respectfully request MEITY to launch additional stakeholder consultations before introducing the Personal Data Protection (PDP) Bill in Parliament.

Read more

Global IT companies raised concern over India’s Data Protection Bill.

Global technology groupings have come together to express their “strong concern” over the recommendations of a Joint Committee of Parliament on the data protection Bill. The recommendations “run counter to global standards” for data protection and competition, the associations said whose members are global IT companies. They added many of our joint member companies in India and from across the globe will be significantly impacted by the report. To ensure the success of India’s first comprehensive data protection law, we respectfully request MEITY to launch additional stakeholder consultations before introducing the Personal Data Protection (PDP) Bill in Parliament.

Read more

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro