Loss of Privacy in the Digital Era – Trust is the Future Capital for Organisations

How data transparency and cybersecurity can help to achieve a competitive edge.

Text: Linnea Sinkkilä

While the value of data is rising, the loss of privacy in the digital era is becoming a reality. For individuals, this does not necessarily mean an Orwellian dystopia is about to take place – on the contrary, in exchange of personal data we can ease the daily life by letting smart technology take care of our needs. But giving up personal data requires trust: consumers need to be able to trust organisations to handle their data ethically and keep it safe from hackers, and other cyber threats – but also from the more obscure purposes organisations themselves might have.

Data is the currency of the digital age. Some organisations understood this long before others and have been able to capitalise on data, sometimes without explicit consent from the users. As the usage of personal data is becoming more regulated as the European GDPR or California Consumer Privacy Act show, demand for data is nonetheless higher than ever: with AI stepping in, organisations are looking to gather even more data to train their machine learning algorithms.

Meanwhile, people’s trust in how companies handle their data is fading – over 2/3 of Americans do not trust companies to sell personal data ethically. But the convenience of connected, smart devices still ensures that people are willing to give up personal data despite the risks associated with smart technology.


Smart technology connects us to the internet, constantly transmitting data about our behaviour, habits, tastes, and even health. As our lives are more and more entwined with smart technology, apps and online platforms, it is now close to impossible to opt-out entirely. Letting smart devices collect user data seems to be the inescapable trade-off in online interaction, even if it costs our privacy and makes us targets for personalised marketing and, more unsettlingly, to cyberattacks and identity thefts.

While most people are aware of the privacy and cybersecurity issues related to smart technology, they still carelessly engage in risky online activities such as using public Wi-Fi networks or letting webpages to their save credit card information. In fact, in a cautionary experiment done by F-Secure, it turned out that some are even ready to give up their firstborn child just to gain access to a free Wi-Fi. As this experiment shows, a careful reading of terms and conditions can be too much of a hassle, especially when we are constantly bombarded with an overwhelming amount of different licence agreements.

Even though people may personally have lax attitudes towards online security, they still expect organisations to diligently protect their user data and handle it in a safe, ethical and transparent way. But as hackers attack every 39 seconds and data-breaches are becoming more common, it is no wonder that the general population’s trust in organisations’ ability to keep their data safe is eroding.


In addition to cyberattacks, consumers worry about companies using their data for commercial purposes without consent. As data is being increasingly commoditised, some companies may see this as an opportunity to grab all consumer data they can and use it as they please, expecting people to just get over it. However, organisations with such arrogant attitudes towards personal data may soon discover the short-sighted nature of this strategy: once lost, the trust may never be gained back.

It is no longer just data, then, that should be seen as an economic asset. If organisations fail to take necessary action to ensure cybersecurity and invest in privacy policies, they may experience significant financial losses in addition to losing reputation – ultimately, this may even kill a company.

While the issue of privacy has become more central than ever, organisations are just beginning to realise that trust and transparency will be the critical factors in gaining consumers’ confidence in the future. Organisations that allow people to have more control over their data, are transparent about its use and their data protection measures and, most importantly, give fair value in exchange for it, will likely gain a competitive edge.

Therefore, getting ahead in the internet privacy and security game is imperative to any organisation willing to make their business thrive in the digital era.


Smart devices continuously collect and transmit masses of user data, creating vast databases for organisations to dig in. Development of artificial intelligence is likely to accelerate this trend even further and raise the analysis of personal data to a whole new level.

In the future, as technology becomes more ubiquitous with cameras and monitors embedded in the built environment, giving consent to the usage of personal data becomes next to impossible.

This development could also lead to an increasing amount of cyber hazards, eventually leaving people helpless in efforts to protect their privacy. But as governments and legislators are stepping in to ensure data privacy and security, they are also stepping on the toes of organisations deploying machine learning algorithms that rely on consumer data.

Finding a solution to the loss of privacy in the digital era that works for all parties is not an easy task, then. But changing the way consumers and organisations perceive privacy could alleviate the discords around privacy in the future: instead of regarding data as a commodity, it should be seen as information that, when given a chance to flow freely, can bring significant benefits for organisations, consumers and the whole society in general.

Similarly, re-thinking privacy and data security as a product to be offered for customers could help in building a holistic, transparent approach to data protection within organisations and thus win back consumers’ trust.


To write this article, Futures Platform’s futurists have collected the data from different phenomena and studied linkages between them. Here are the three colliding phenomena that are shaping the future of data privacy.  

Rising Value of Data

Data has become the new strategic raw material for the world economy. As the amount of data on the Internet will increase exponentially in the coming decades, we are moving into a data economy, which will open doors to success for completely new kinds of players. A key driver of this development is the rapid increase in the number of devices connected to the Internet and especially the emerging Internet of Things (IoT).  

Right to Privacy

People carry an increasing number of mobile devices that are always connected to Internet services as well as other devices in their vicinity. This enables continuous surveillance and monitoring, as well as accurate profiling. Piece by piece, this development eats away our right to privacy. With the Internet of Things (IoT) and 5G increasingly connecting more devices, the notion of privacy may be further transformed in the future. People may be increasingly willing to exchange privacy for the convenience offered by smart homes and devices.  

AI Machine Learning

Machine learning uses complex algorithms to analyse large data sets to produce probabilities and likeness between variables. It predicts outcomes based on past occurrences, pattern recognition, and statistics. Machine learning benefits primarily large companies or entities such as nation-states, who possess large data sets, and have the resources to analyse them. Usage of these data sets also raises questions about privacy, especially if the machine learning code will be released as open-source, and the data that exists in the public domain can be easily cross-referenced

This article was originally published on the Future Proof blog by Futures Platform

We’re on social media and we’d love you to give us a follow! You can catch us on LinkedIn and Twitter by using hashtags #cyberwatchFI #CyberCatchFI

“A seismic shift to digital independence is gaining momentum”

Cyberwatch Finland, CEO, Aapo Cederberg interviewed Harri Sundvik, Executive Chairman for Helsinki and London based cyber security company XXLSEC Oy, in early June. Harri had just returned from London to spend a few summer weeks in Helsinki. Highlights of their discussion are summarised below.

AC: Tell me a few words about your background.

HS: My roots are in Northern Finland, City of Raahe, which was once voted as the “most boring city” in Finland. Post my school years I studied in Helsinki and in London. An interview in the City of London in 1988 by JPMorgan led me to a 30 year banking career – where I have spent most of my years in investment banking work, advising Nordic companies in mergers and acquisitions and equity capital raising, most of this in technology related deals. Post front line banking I have assumed a few Board roles and started advising technology start ups in their strategy initiatives and capital raising.

AC: How did cyber security come to the picture?

HS: The first deeper engagement came though my advisory work for Nokia, which back in 2000 decided to build their new enterprise strategy around key acquisitions and partnerships with security companies. A few years later I gained a new perspective to the same topic as I became member of the European Leadership Team for Bank of America Merrill Lynch. Among the memorable highlights were management meetings where the the Bank’s almighty CTO submitted proposals for cybersecurity investments worth millions of Dollars …and every single time the vote was a resounding “Yes”…in all honesty, we simply did not know better, and would not dare to stop any plans that the technology gurus were promoting.

The latest and definitely the most interesting step came my way just a couple of years ago when my long term friend Simo Salminen introduced me to the newly established XXLSEC team, and I was given the opportunity to join the team in the early stages of the Company’s development and global sales effort.

AC: Let’s talk about XXLSEC – what makes you different in the sector?

HS: As one of the forerunners to break new ground, XXLSEC has adopted the so called “Zero Trust” model as the key building block for all development work from the very beginning. At high level, the fundamental assumption – increasingly appropriate for this day and age – is that when you are faced with technologies, your complete your own Due Diligent before you assume that the presented technology or application can be trusted. This is a huge shift in the technology world where so much has been taken “at face value” especially when presented by any of the “Big Tech” names. This Zero Trust positioning is now gaining increasing momentum on global basis, strongly endorsed by Governments and leading enterprises.

As an extension of the Zero Trust philosophy, XXLSEC has introduced a product platform which is built on the principles of Clean Hardware and Clean Software. Again, XXLSEC has been one of the leaders in implementing this important concept for modern communication platforms. The Data Rain solution, and the just released Prive TX device, are shining examples of the work by the XXLSEC team. And there is more to come for sure.

AC: What are your perspectives on cybersecurity in today’s world given your London perspective and your global contacts. What is new when you look at the big picture?

HS: Fascinating time indeed, a couple of things that I would highlight in particular. One of the big picture themes at global and country level is that of Digital Independence and Digital Sovereignty. This stems partly from the current geopolitical climate. We have seen the news about China and Russia building their own internet. Equally, the leading EU countries have raised the need for Digital platforms which are not controlled by the powers in the West or in the East. Germany and France are making very strong public statements on this matter – and are prepared to back them up with significant financial commitments. This is worth watching very closely as it has implications at multiple levels.

This drive for Independence has attracted new focus on integrity.  This is where Zero Trust gets another expression. It is  clear that in the new world trust cannot be assumed – it has to be earned every day. And a certain degree of independence is absolutely necessary to be able to “walk the talk” with integrity. This independence is not going to be free for all – a strategic and financial commitment is needed to reach this ambition.

AC: Lets move this discussion to a lower level – what is happening in the corporate world from cyber perspective?

HS: As you have seen in the corporate headlines, the traditional “Big Tech” names are “playing defence”. Their earlier dominant market position has been restricted by the competition regulations and new practices. But, most interestingly for us,  the introduction of Zero Trust is challenging the market positions even further. Small and nimble technologies with true transparency will evolve at record speed. This is, in fact; a significant positive opportunity to build competitive edge.

AC: You mentioned that cybersecurity is gaining ground in the modern Sustainability Agenda – what do you mean by that?

HS: Interestingly, cybersecurity has moved to the very top of the Sustainability Agenda with two fundamental drivers.

Firstly, appropriate cybersecurity practices and investments are de facto seen as important elements in any Company’s “license to operate”. The writing on the wall is very simple: If you have not proactively invested in your cyber security platform, and ensured, among other things, that your processes and client data is covered, you simply do not have the credentials to run your business.

The second dimension stems from the now ongoing shift of working practices where we are facing a new cyber security challenge at the every day working level. People have moved their work stations to their homes – but the cyber security front line fire-wall is still in the office! This is the ultimate “Left Behind” horror story for pretty much all corporate CTOs and CIOs. There will be a few movies and books around in a year or so simply telling the sad story of rather dramatic cyber interventions which were masterfully executed at this extraordinary time.

The increased focus on cybersecurity, and some recent high profile “accidents”, have led to another shift in mindsets and relevant strategies. In the old world the highest level of security used to be the privilege of just a handful of people or some top secret Government or military entities. In the present and new word the scope of “critical infrastructure” has increased dramatically – and the amount of people  and organizational entities requiring the highest level of security, has increased dramatically.

AC: We discussed the overriding technology shift to the Cloud – any view on this you want to share from cyber perspective?

HS: There is a real “headache” in the corporate world in the ongoing movement to use the Cloud to store and process important data. Sadly the trust and security considerations in this move have been kept in the “back-seat” all too long. The good news is that there are advanced technology solutions emerging to tackle this challenge. In particular the latest MPP/MPC based technologies are a significant step forward to create an advanced security level.  Some industries will lead the way – we will soon see multiple healthcare related applications – people have been all too trusting in this respect…

AC: I take it that living in London, you have been following the UK Government / Huawei discussion very closely. Any perspectives you may want to share – what is going to happen?

HS: This is happening as we speak, so a very tough call to make. As you remember Boris Johnson’s Government actually approved last year a limited non-core role for Huawei in the build out of the new 5G networks. Post this decision, the critical views on the decision have become stronger. The Special Committee which was asked to review the matter, is expected to come up with a new ruling sometime in June – July. It would not be a surprise to see the Johnson government tightening their ruling even further – if not blocking the Huawei access to the 5G UK market altogether.

AC: You shared a great summer picture from your north London home surroundings in Hampstead with a familiar looking red phone boot. Is there more to this romantic London picture than what meets the eye?

HS: I knew you would love the setting! But in all seriousness, this actually sumps up our conversation. As you know the British are the best in the world of sticking to things which have been “tried and tested” over the years – the red phone boot is the ultimate proxy for a comfort toy in cybersecurity: you might be tempted to thing that the old was good. But there must be a reason why these phone boots have pretty much disappeared from the face of the earth. The front line has shifted – it is time to move on – and fast!

Mr. Harri Sundvik, Executive Chairman for cybersecurity company XXLSEC Oy

Read the latest Cyberwatch Finland magazine

We’re on social media and we’d love you to give us a follow! You can catch us on LinkedIn and Twitter by using hashtags #cyberwatchFI #CyberCatchFI

Cyber Summer Catch 2020 event

Cyberwatch Finland collaboration with Monti Stampa Furrer & Partners AG had the great pleasure inviting you to the Cyber Summer Catch 2020 event, which took place on 28th of July 2020. The Cyber Summer Catch 2020 event brought together internationally recognized cyber security experts and professionals to exchange and share their experiences and thoughts about today’s most interesting topics

Thanks a million to all our guests, amazing speakers and the team behind the scenes – What a great Day! 

Did You miss the event? Don´t worry, the recording of the event is ready and waiting all of you.

In security matters, including cyber security, is always about the values and culture as well as trust we all are looking for.

Shaping a cyber culture requires perseverance, a willingness to make an impact and to improve our knowledge, learning and leadership.

Cyber ​​hygiene arises from small, very simple steps, but they also require skill and common sense.

 Want to download the presentations of the day?

You can send us questions at any time by filling out the contact us form



13.00 – 13.05 Mr. Tomi Kaukinen: An overview of the event

13.05 – 13.15 Opening remarks: A Comprehensive approach to cyber security – Aapo Cederberg, CEO, Cyberwatch Finland

13:15 – 13:35 How to create Cyber culture? – Rami Efrati, Managing partner of MFSPartners Innovations

13:35 – 13:45 Comments and discussion, moderated by Tomi Kaukinen – Panelists – Cederberg, Sundvik, Monti, Pahlman and Kenttälä

13:45 – 14:15 The role of OT-security in building Cyber culture – Franco Monti, Senior Partner, MSF Partners

Case Study – Going the Extra Mile in OT Protection – From Ambition to Hard Work

The threat landscape for critical infrastructure in the utility sector has worsened this year with ransom attacks happening in OT and COVID-19 creating confusion and obstacles in daily operations. The case study presented is about a large utility company which started three years ago implementing consequently OT Monitoring and Vulnerability Management in its substations and generation facilities. After protecting its hydro and nuclear facilities they started to tackle more complex areas such as assessing and protecting its Smart Metering IIOT infrastructure, Wind and District Heating. Our client was the first utility company in Switzerland who went beyond standard OT monitoring towards far more complex facilities inside OT such as IIOT. Participants will get an introduction about their challenges and achievements during these activities.

14:15 – 14:30 Comments and discussion, moderated by Tomi Kaukinen – Panelists – Cederberg, Sundvik, Efrati, Pahlman and Kenttälä

14:30 – 14:50 Cyber hygiene, practical steps? – Jani Kenttälä, CEO, Badrap Oy

14:50 – 15:10 Digital independence and zero trust is gaining momentum – Country, Corporate and Individual level perspectives – Harri Sundvik, Executive Chairman, XXLSEC Oy

15:10 – 15:30 Comments and moderator´s findings Aapo, Franco, Rami, Harri, Sauli, Jani and Tomi discuss the topics of the day

15:30 – 15:40 Closing remarks – Aapo Cederberg, CEO, Cyberwatch Finland

The event was moderated by Tomi Kaukinen


Mr. Aapo Cederberg, CEO and Founder of Cyberwatch Finland

Aapo Cederberg is an experienced cyber security strategist and analyst. Aapo have a unique strategic-level international expertise and understanding of Hybrid threats. Aapo really understands the complexity of the cyber world and hybrid warfare as well as having comprehensive strategic management skills and experiences. He has also extensive first-hand knowledge of the military defense. He is one of the authors of the first Finnish Cyber Security Strategy.

Aapo is a founder of Cyberwatch Finland with a firm focus on helping decision- makers to establish a holistic cyber strategy, to build situational awareness, and take the necessary steps to ensure cyber resilience.

Mr. Rami Efrati, Managing partner of MFSPartners Innovations, Former Head of the Civilian Division, Israel National Cyber Bureau, Prime Minister´s Office

Rami Efrati has served in the Israel Defense Forces for more than twenty-eight years. He commanded numerous prestigious operational and technological positions in Military Intelligence and received the Creative Thinking Award from the Director of Military Intelligence. Mr. Rami Efrati, is an expert in Cyber Strategic Methods and has many years of experience in anti-terrorism and Intelligence technology. Mr. Efrati is one of the founding members and former Head the Civilian Division of the Israel National Cyber Bureau in the Prime Minister´s Office. In this capacity, he raised Israel to a leading position in the civilian aspects of global cyber-security, brought multinational companies to open cyber R&D centers in Israel. Mr. Efrati has leveraged the existential cyber-threat to Israel, into a unique business opportunity encouraging the development of a large cyber ecosystem supporting hundreds of new cyber related startups.

Mr. Efrati is currently involved in international level strategic projects for cybersecurity and innovation. He is a managing partner of MFSPartners Innovations.

Mr. Franco Monti, Senior Partner, co-owner and co-founder of MSFPartners

Franco Monti is co-owner and co-founder of MSFPartners, a Swiss cyber security boutique with offices in Switzerland and Dubai. He can draw on many years of experience in protection for critical infrastructures (IT & OT/ICS). Over this period, he has accumulated a wealth of expertise in developing cyber security strategies and drawing up complex cyber security programmes. He takes responsibility for Swiss and international projects that focus on setting up security operations centres, introducing incident management and protecting IT and OT infrastructures. Franco has graduated in engineering at the Swiss Federal Institute of Technology (ETH) and in business administration at the University of St. Gallen (HSG).

Mr. Jani Kenttälä, CEO, Badrap Oy

Jani Kenttälä Jani is a security researcher who evolved into a serial entrepreneur, today he has 21 years of experience from building security and trust. Those years have made him a strong proponent of cyber hygiene. His journey in security started 1999 at a security research group called OUSPG. In 2006 he co-founded a spin-off startup called Clarified Networks, which was later acquired by Codenomicon. When Jani worked with national CERT teams and critical infrastructure providers to improve civilian cyber defence, he saw how regular people and smaller companies also need a lot of help. Instead of falling into despair, he co-founded Badrap to democratise security information sharing.

Badrap is a new type of web service that teaches people to think and behave differently online. It explains people their past data leaks and engages them as protectors of their friends and family. Companies use Badrap for protecting their employees, as well as their cloud assets.

Mr. Harri Sundvik, Executive Chairman for cybersecurity company XXLSEC Oy

Harri Sundvik, a Finnish and British national, has lived in London since 1987.  Harri worked for JPMorgan investment Bank in London 1988 – 2006 as Managing Director and Co-Head of Nordic Investment Banking Team; and thereafter for Bank of America Merrill Lynch in 2006 – 2016 as Head of Nordic Investment Banking and Vice-Chairman for Global Investment Banking. Harri focussed on Mergers and Acquisitions and Capital raising in his investment banking years, with most of his transactions in the technology sector. Harri is currently Board member and advisor for multiple technology companies in the Nordic region and in the UK. Among others, Harri serves as Executive Chairman for cybersecurity company XXLSEC Oy.

XXLSEC Oy is a Finland based cybersecurity technology development company, which has focussed on developing secure communication platforms and solutions for multiple use domains, starting with critical infrastructure at the most demanding level, secure private networks and sophisticated communication devices. Taking “zero trust” philosophy as the foundational cornerstone, XXLSEC has introduced a number of innovative solutions to meet the requirement for secure communication of the increasingly complex world of 24/7 communication.

Sauli Pahlman, Head Of Business Development at National Cyber Security Centre FI

Sauli Pahlman is a director at the Finnish National Cyber Security Centre. Before his leadership positions he specialized in several tech-intensive areas of cyber security, such as reverse engineering, software development, OT/IT operations, data analytics and cyber security evaluations of cryptographic products. He still occasionally tinkers with software and hardware to understand what makes them tick. At NCSC-FI he leverages his cyber-risk, innovation management and cyber security experience to provide direction for the NCSC-FI’s forward-looking activities as well as the project management office. In addition to her work at NCSC-FI, he serves as an advisor for Cyblem, a provider for national cyber capability ramp up projects for large corporations, nations and cooperatives.

We think cyber.
We talk business.
We provide security.

Read more about Monti Stampa Furrer

Stay tuned!

We’re on social media and we’d love you to give us a follow! You can catch us on LinkedIn and Twitter by using hashtags #cyberwatchFI #CyberCatchFI