By Kevin Bailey, Head of Market Strategy
After an extremely busy and award-winning RSA conference last week in San Francisco it was a great opportunity yesterday to share our strategic vision and insight with key industry analysts and media at Clearswift’s EMEA Analyst and Influencer Conference at the Langham Hotel, London.
Fran Howarth, Senior Research Analyst at Bloor Research moderated the morning’s discussion and debate amongst our Executive team alongside journalists from leading publications. During the afternoon, we were pleased to welcome key industry analysts and a data protection legal expert from across EMEA, which proved to foist most animated and interesting discussions.
The over-arching theme at the event focused on delivering innovation in an era of critical information protection. Key issues which were brought to the fore included the fact it’s no longer feasible to continue using traditional stop-and-block measures in place; companies need to be supported with policies and technology that allow for flexible yet secure collaborative information sharing. In today’s collaborative and ‘always on’ culture, businesses need to be able to securely share information within the business, across the supply chain and externally, but at the same time allowing for human error. That error could be a document sent to an unauthorized party or sending credit card information outside the organization…all in all it’s clear that these kinds of insider threats are a real issue for businesses today.
The Information Commissioner’s Office (ICO) has shown its teeth, with recent substantial fines across public and private sector organizations, it’s essential for businesses to recognize these threats and have a proactive approach. If an organization is reacting after disasters rather than securing proactive preventative policies and ensuring the infrastructure is supported with the right technology, then it’s too late. And it was agreed that if you haven’t been hit yet, you will be, or better still - if you haven’t been hit yet, take a closer look, you may be sadly suprised!
Another question raised during the event was that of budget allocation and who is responsible for security? With budgets being shifted to “front of house”, how can organizations safely secure their back office operations?
Furthermore, should this responsibility be held by the board or rest squarely on the shoulders of the CISO or CIO? With the ICO ready to impose potentially crippling fines of 5% of total global revenue for companies that fail to adhere to new data protection breaches, businesses need to ensure that they know what they are doing. Whilst it’s the CIO’s role to ensure the company has the correct cyber-security defenses and policies in place, it’s the responsibility of each business unit leader, whom should understand the sensitivity levels of their information, working as a team, to provide the various levels of information classification protection to be applied, else the entire company will suffer if the correct provisions are not there. As well as serious reputational damage, with damaging fines comes potential jobs losses - which ultimately rests on the board’s shoulders.
In an era where information is now considered to be an organizations’ most valuable and destructive asset, it’s essential that companies proactively protect their employees, partners and customers from potential threats but, equally important is protecting the organization from incurring data protection breach fines or not meeting other industry and government compliance regulations. This means that organizations need to enable secure collaboration by delivering 100% visibility of critical information, 100% of the time, ensuring they can track the information lifecycle through the company - internally as well as externally.