Companies are expected to spend up to $55 billion dollars on efforts to comply with the California Consumer Privacy Act (CCPA), which is still working out its final rules after going into effect this month.
While many of us are still trying to figure out what impacts the law will have on enterprises’ digital practices, companies like MixMode are providing AI leveraged cybersecurity that can help ensure CCPA compliance as far as data security and orchestration go.
CCPA encourages companies to protect their networks against intruders who are trying to steal their data.
Unfortunately, the majority of network traffic analysis and network security monitoring tools available today simply won’t cut it when trying to remain in compliance with the new law, and in some cases, they may actually cause more issues than they solve.
Tools like MixMode can help organizations stay in compliance with the CCPA law because they have:
- Predictive capabilities to catch anomalous behavior and attacks in real time
- The ability to identify Zero Day Attacks
- Alert reduction and precision capabilities to ensure analysts have the bandwidth to give all alerts proper review
One of the most pressing concerns for companies under CCPA is that they must report a breach within 72 hours of it happening. According to the Ponemon Institute the average breach detection time for US companies is 196 days, which just won’t work with CCPA’s new regulations.
“As breaches are becoming all too commonplace, U.S. businesses can’t afford to ignore protecting the valuable, sensitive data they have been entrusted with,” said Phillip Dunkelberger, president and CEO of PGP Corporation. “Our study with the Ponemon Institute continues to demonstrate that companies whose data is not protected are not only facing expensive direct costs from cleaning up a data breach, but also a loss in customer confidence that has long lasting ramifications.”
In order to comply with CCPA, it is imperative that enterprises utilize a network security monitoring platform that has predictive capabilities and can surface attacks as they are happening. MixMode’s AI is able to create an evolving network baseline in only 7 days. By combining the latest threat intelligence with the most powerful Unsupervised AI in the industry, MixMode can identify anomalous behavior and zero day attacks immediately as well as surface known threats – ensuring that your organization can report breaches in a timely compliant fashion.
According to the law, companies will only have 30 days to comply with the law once regulators notify them of a violation. If the issue cannot be resolved, they can be fined up to $7,500 per record.
“If you think about how many records are affected in a breach, it really increases very quickly,” says Debra Farber, senior director for privacy strategy at BigID. “Since the bill was put together and passed in just a week, it will probably see some amendments,” she adds. “Things like the fine amounts are likely to change.”
The CCPA mandates that businesses be more careful about who is able to access their customers data, and that they tell customers what data they have gathered about them. That requires companies to be more conscious of what data they keep, where they keep it, and how vulnerable it is.
Although CCPA only applies to companies that generate more than $25 million in annual revenue, handle personal information of more than 50,000 people or devices, or earn more than half their revenue from selling personal information, it is likely that this will be the first in a trend of legal measures to thwart data theft.
Regardless of the law, even a partial breach can devastate an organization that stores any personal data. The Ponemon Institute reports that the global average cost of a data breach is $3.92 million and Security Intelligence reports that you’re more likely to experience a data breach of at least 10,000 records (27.9 percent) than you are to catch the flu this winter (5–20 percent, according to WebMD).
It’s time companies take whatever measures they can to protect private data, but it doesn’t have to be as difficult as the market makes it seem. Right now the cybersecurity industry is lacking employable security professionals, as well as drowning in false positives that are a huge time suck to any CISO. Autonomous AI security systems are a developing solution to these major roadblocks.
By arming themselves with advanced autonomous AI security systems that employ Unsupervised Learning to catch Zero-Day attacks within 5 minutes of a breach, companies can feel safe that they are in compliance with CCPA and wont end up forking up a fortune to cover the costs of a preventable disaster.
Many companies are currently struggling with managing their security and stretching their teams thin trying to cover both on-premise traffic as well as data stored in the cloud. With a multi-stream platform like MixMode, security teams can monitor all the enterprise’s traffic on one screen to better manage their network data.