Data protection is one of the single most important issues facing the tech industry today, both for consumer-facing businesses as well as those catering to enterprise customers. Just earlier this month, Facebook was hit with a new kind of data breach in which hackers misused legitimate functions on the site to scrape and collect data containing personal information from 533 million Facebook users in 106 countries. An increased variety in data breaches and security threats are becoming more commonplace, and the sophistication of breach actors has elevated. The potential for data misuse has also skyrocketed with the large volumes of data collected and stored by businesses. Cybersecurity solutions have become the darlings of entrepreneurs, venture capital firms and the public markets.

Consumers have higher expectations and an appetite for more stringent protection of their personal data. This has been evidenced by the recent and ongoing enactment of privacy legislation both at the state level in the US and in countries abroad. In fact, less than one year after enacting California Consumer Protection Act (CCPA), one of the strictest privacy regulations in the US, California voters approved an amendment to further increase personal data protections for California residents. The augmented consumer protection legislation, or CPRA, is slated to go into effect in 2023.

In this regulatory and business environment, data and privacy protections are becoming a competitive differentiator for tech companies as they compete for customers and users. To stay competitive, companies will need to build a robust, multi-disciplinary data protection foundation that encompasses product design, data security, privacy operations and training.