GEC NEWS WIRE“The motivation to keep your company out of the newspaper shouldn’t be driven by fear but instead by a shared company-wide value that, without customers, you don’t have a business.”
Enterprise security today is a corporate culture, rather than norms and mandates. What would be the golden rule for any modern organization to initiate this culture?
It’s been said before but it’s true: if you don’t want to see your company’s name in the newspaper tomorrow, do everything you can today to ensure your organization is secure. A data breach can have long-term repercussions to a company’s revenues, profits, customer loyalty, brand equity and shareholder value. You needn’t look any further than Equifax. This breach has cost some executives their jobs, a +30% drop in market value, potentially billions of dollars in class action lawsuits, and likely millions in regulatory fines. And these are just the short-term impacts. Long-term consequences are likely to be much greater and can include: additional regulatory oversight, brand dilution and potentially bankruptcy.
If you don’t take care of your customers, namely protect their privacy, you won’t keep them. If everyone in the company knows this and it’s reinforced by the c-Suite and reflected in the investments made in technology, education, and penetration testing, then it can become a fundamental part of that company’s culture.
Let us come out of the clichés of ‘security is a shared responsibility’ and ‘Every employee is a potential target’……etc. Where are we falling short?
Unfortunately, there’s no one culprit for why companies fall short in establishing a “security first” culture. If cybersecurity was simple and straightforward, every company would do it and cyber-attacks wouldn’t happen.
The reality is cybersecurity is just one expense in a company’s operating budget. In addition, there is an exponential rise in data being generated by IoT, machine learning, artificial intelligence and other technologies that needs to be categorized, stored and, in many cases, protected. There is also an increasing reliance on third party service providers that have access to your systems and sensitive content and each of these are a security risk to your organization. Finally, cyber-attacks are increasing in frequency and severity and organizations are constantly playing catch up to the latest cyber threat. In total, organizations must work harder to control, monitor, and secure their sensitive content. As a result, knowing where your sensitive content is stored, who has access to it and what’s being done with it is becoming increasingly important.
When the discussion on ‘Security’ leaves the boardroom, how welcoming are your solutions to the CIO/CISOs? How can they build a robust infrastructure with you?
CIOs and CISOs are overwhelmed by data. It’s everywhere in their organization and they can’t keep track of how much they have, where it’s stored, or who has access to it. This creates significant security and compliance issues for organizations. With Accellion, CIOs and CISOs gain total visibility into where all of their content resides. They can control who has access to what content and they have complete visibility into all file activity, including who is opening, editing, creating, downloading, uploading files. With this granular level of visibility, CIOs and CISOs can ensure only authorized users have access to sensitive content; they can leverage a number of security features to ensure all content is shared (sent, received, downloaded or uploaded) securely; and can reduce the number of entry points external parties have into their network. Lastly, CIOs and CISOs can produce auditable logs to demonstrate compliance with industry and government regulations, including GDPR. In total, CIOs and CISOs find Accellion incredibly integral in their efforts to mitigate the risk of a data breach or other form of data loss while also demonstrating compliance with rigorous industry and government regulations.
