As the Chief Privacy Officer there's nothing that will get your adrenaline going faster than hearing the word “breach” from someone in, or out of, your company. Breaches can also be the CEO's worst nightmare. These breaches of security and privacy can happen to even the most sophisticated companies out there. For example:

• In September 2017, Equifax announced a data breach that exposed the personal information of 147 million people. The company had to agree to a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau, and 50 US states and territories. The settlement included up to $425 million to help people affected by the data breach. Several top‐level executives also lost their jobs over this breach and the company took a big hit in the press as well.
• Marriott International announced in November 2018 that attackers had stolen data on approximately 500 million customers. The breach initially occurred on systems supporting Starwood hotel brands starting in 2014. The attackers remained in the system after Marriott acquired Starwood in 2016 and were not discovered until September 2018. The attackers were able to take some combination of contact information, passport number, Starwood Preferred Guest numbers, travel information, and other personal information. The credit card numbers and expiration dates of more than 100 million customers were believed to be stolen, but Marriott is uncertain whether the attackers were ...