While data breaches will continue to happen often, the focus is now on how organisations will respond.

Phishing, ransomware, DDoS attacks, privilege access credential abuse and endpoint security attacks are expected to increase in 2022. Additionally, attacks on IoT devices are becoming increasingly frequent.

A focus on third-party risk management must be ensured. Most organisations that experienced a data breach said the violation originated from granting too much access to third parties. Almost every product or service involves third parties in today's online businesses.

Businesses that don't take steps to protect personal data could face serious consequences such as administrative fines and lawsuits. Furthermore, companies that do not respond to an attack satisfactorily will face public criticism and hurt their brand and reputation.

Challenges:

• Data breaches and attacks are unavoidable and becoming more sophisticated every day. Organisations must keep up to date with technical solutions to prevent, detect and respond in an effective manner, as well as with adequate legal tools resort to mitigate adverse effects, notably those of a financial nature.

Actions:

• Carry out a risk analysis and implement an incident response plan to respond to any data breaches and cyberattacks swiftly.