COVID-19: Triggering Event for Reassessing Risk and Adequacy of Data Privacy and Security Controls

This post was co-authored by Christopher J. Bender, Northcross Group.  Mr. Bender will be joining me on a panel at the Practising Law Institute’s December 2020 virtual seminar, “Fundamentals of Privacy Law 2020.”

COVID-19 measures have driven workplace operations beyond what most businesses ever planned.  The constructs of a remote workforce and virtual interactions between teams and customers are going to be major components for how business is conducted for the foreseeable future.  Many businesses are even seeing potential benefits from these scenarios, like savings in physical office needs and reduced lost productivity from travel—and looking to make these permanent.

With most people working from home networks and using a combination of company and personal devices, the ecosystem of data and processing has significantly expanded and changed.  The effectiveness of tools and methods to monitor and identify threats is different within this new operating model.  As a result, organizations must reevaluate their cybersecurity and privacy risks and controls