
This week, from January 26th to 30th, 2026, the world will observe Data Privacy Week. This global initiative aims to encourage individuals and businesses to prioritize data privacy, protect sensitive information and build trust. In our fully digital society, privacy has become more important — and harder to safeguard — than ever.
Data Privacy Week is a great time for organizations to reassess their data protection measures and consider best practices to ensure the security and privacy of customer information. For Diligent, Data Privacy Week is a time to reflect on all that we are learning about cybersecurity best practices for practitioners, directors and C-suite leaders. Below, we've compiled highlights from a few of our favorite current resources created in partnership with cyber thought leaders.
Data privacy is the cornerstone of building trust with customers. Today, consumers are more aware of how their personal information is collected, used and shared. The tension between what is legally permissible and what customers expect is a central issue in data privacy.
"Every company's data governance framework might be a little bit different, but broadly speaking, a couple of guiding principles are important." — John Rodi, Co-Leader at the KPMG Board Leadership Center
In this episode of Inside Today's Boardroom, John Rodi, Co-Leader at the KPMG Board Leadership Center, points out that companies must navigate this fine line carefully. Balancing legal requirements with customer expectations is crucial for maintaining trust and ensuring customer satisfaction.
Organizations face a range of data-related threats that can undermine customer trust and security. Key risks include:
Rodi emphasizes the importance of understanding these risks and keeping boards informed. Effective management of these threats is essential to protect sensitive information and uphold privacy standards. Companies must remain vigilant and proactive in identifying and addressing these risks to prevent data breaches and ensure compliance with new privacy regulations.
A strong data governance framework is vital for safeguarding customer data. Here are some guiding principles to establish such a framework:
Organizations should also establish a system for maintaining compliance with laws and regulations. This includes regular updates to keep the governance framework current with evolving privacy laws and industry standards. A cross-functional team can help manage and oversee data use effectively, ensuring all departments are aligned in their efforts to protect customer data.
By taking these steps, organizations can build a solid foundation for data governance, helping to protect sensitive information and maintain customer trust.
Generative AI (GenAI) brings unique challenges that require careful attention to ensure data privacy. These challenges include:
Rodi highlights the need for organizations to maintain a thorough inventory of where and how AI is being used. Implementing a responsible AI policy that reflects the company’s values and adheres to ethical standards is crucial. Such a policy should include clear guidelines for the development and deployment of AI systems, ensuring transparency and accountability.
Regular assessments and updates to these policies help organizations adapt to new risks and regulatory changes. Establishing a cross-functional team to oversee AI usage ensures that all departments are aligned in managing AI-related risks. This team can provide ongoing monitoring and address any emerging issues promptly. By taking these steps, companies can mitigate the risks associated with generative AI and maintain customer trust.
The rise of GenAI has significantly changed the cybersecurity landscape, presenting new and complex challenges. Cybersecurity teams must stay ahead of these developments by continually reviewing and updating their security measures. This includes:
Rodi underscores the necessity for companies to adapt their cybersecurity protocols in response to the evolving threat environment. This proactive stance is essential for defending against sophisticated cyber threats, such as the creation of more realistic deepfakes or the automated generation of malicious code.
Implementing robust security measures and fostering a culture of vigilance within the organization can help mitigate these risks. Ensuring that employees are trained and aware of the latest security practices and potential threats is also crucial. Regularly updating and testing security systems will help organizations maintain strong defenses against potential cyberattacks, thereby protecting customer data and preserving trust.
Creating a culture of privacy respect within an organization requires a multifaceted approach that goes beyond mere compliance. It starts with a commitment from leadership to prioritize data privacy and integrate it into the company’s core values. This commitment must be clearly communicated throughout the organization, emphasizing the importance of protecting customer data as a critical element of the company’s mission.
Our Education & Templates Library, available through the Diligent One Platform, includes a Cyber Risk & Strategy Certification developed by the Diligent Institute and McNees Wallace. The certification offers a comprehensive introduction to cybersecurity designed to build foundational literacy and knowledge. Tailored for practitioners, directors and leadership, this content contains essential modules about cyber and data privacy regulation for safeguarding organizations. By equipping you with the tools and knowledge to navigate this complex topic, we aim to empower you to make informed decisions and protect your organization in the digital age.
As your organization marks Data Privacy Week, it’s an ideal moment to turn these insights into a concrete plan for stronger data governance, cyber resilience and responsible use of GenAI. From clarifying board oversight to defining roles across the CDO, CIO and CISO, the steps you take now will determine how well you can anticipate emerging risks, meet rising stakeholder expectations and preserve customer trust in 2025 and beyond.
As a Leader in the 2025 Gartner Magic Quadrant for Governance, Risk and Compliance Tools, Diligent partners with boards, executives and practitioners to make cyber and data privacy risk more visible, understandable and actionable. Through the Diligent One Platform and our Education & Templates Library — including the Cyber Risk & Strategy Certification — we help you build the literacy, frameworks and oversight needed to safeguard customer data and stay ahead of evolving regulations.
If you’re ready to strengthen your data protection strategy, we’re here to help. Get in touch with Diligent today to speak with an expert or request a personalized demo, and discover how we can support your organization in protecting customer data with confidence.