With just over a year until the EU's General Data Protection Regulation which is set to revolutionise data protection practices around the world, and a record 421 billion records stolen in 2016, it's clear we need better data protection.

Ryan O'Leary, vice president at WhiteHat Security told us: "Despite huge publicity around data breach incidents, hackers are continuing to exploit often well-known vulnerabilities in order to get hold of large databases of personal information. Web applications are now one of the key vectors targeted by hackers looking to steal data; roughly 40 percent of all data breaches occur at this level. These applications are really the front line for data protection, as they often gather and store sensitive customer data.”

O'Leary added: “Those in charge of securing websites and mobile applications need to be proactive and build with security in mind. It may take a bit more time or cost a bit more money, but it's a solid investment to prevent media embarrassment and loss of trust from users. The easiest, most dangerous vulnerabilities in the flagship application, or applications that contain private information, should be dealt with first, regardless of how difficult they are to fix. Finally, the remediation of any serious flaws must be done in a timely fashion.”

Data Privacy Day's educational initiative originally focused on raising awareness among businesses as well as users about the importance of protecting the privacy of their personal information online, particularly in the context of social networking.

“The unstoppable growth of both social media and the Internet of Things presents increasing privacy challenges for consumers,” says Mikko Hypponen, F-Secure's chief research officer. “Businesses that rely on collecting and monetising data are gaining ever-increasing access to users' lives – practices that must be understood.”

“I believe data is the new oil,” says Hypponen. “And just like oil brought us both prosperity and problems, data will bring us prosperity and problems.”

Hypponen has long warned about how free services target their customers using a shocking amount of specificity. “Twitter knows if you're expecting a new child in your family in the next six months,” he explains. “And as a Twitter advertiser, you can use this to target your ads accordingly. It's quite clear that this information isn't coming from your tweets or whom you are following on Twitter. It turns out this information is actually being bought by Twitter from large data warehousing companies. Twitter then connects this information to your account through your phone number.”

The good news is users are becoming more security conscious, according to an F-Secure survey. Owners of Mac or iOS devices were just as likely to say that their computer needs virus protection as those who use Windows or Android devices, a positive development because Apple users are more likely to make commercial transactions on their devices.

Simon Moffatt, senior product manager at ForgeRock agrees: "We are now well and truly in the "age of the consumer" and the consumer, as the true data owner, wants to see transparent, consent-driven privacy management and data sharing options, for every online service they interact with. Businesses need to be in a position to provide consumer-centric solutions, not only for the new EU data protection laws, but also as a competitive differentiator."

Emma Butler, data protection officer at Yoti said: “Data Privacy Day presents a great opportunity to promote best practice for both consumers and businesses when it comes to protecting personal data. YouGov recently reported that 87 percent of people are worried, to some extent, about the security of their personal data online. It's clear that the issue is on the radar of more individuals than ever before.”

Butler added: “This year, I'm especially keen to see the technology industry encourage an environment where transparency and engagement with consumers come first. With the explosion of digital technologies, organisations are sweeping up vast quantities of data about consumers' activities, often without them being fully aware. Gaining consumers' trust and confidence in the use of their data will increasingly become a vital source of competitive advantage for companies”.

