10 Step Business Requirements to Protect Customer Data


Monitoring Security Compliance

There are a number of metrics that one can monitor to see if one is in compliance with corporate and government security requirements. Unfortunately, governance is lacking at many organizations, or the governance supervisors are paying attention to the wrong metrics.

Below are three metrics that everyone should consider monitoring:

1.  Program participation levels:

Too often one or two units sign up to participate and the executives check the task as done. The chief security officer (CSO) and CEO should be ensuring every unit is fully participating.

2.  Verification that third-party providers are in compliance:

All suppliers of products or services should be conforming to the security requirements. This includes software and software patches, cloud providers, and non-IT service providers.

3.  Audit security compliance and monitor the red flags:

Whether it is internally written code, handheld devices or clean desks, there should be governance procedures in place to ensure data is fully protected. Audits should be done periodically; the number of red flags found and the trends will provide excellent indicators of the company’s security risk exposure and of the areas that need to be cleaned up.

There are myriad metrics one can monitor in addition to the ones above. However, it is important to ensure that the chosen metrics are actionable and not just a set of numbers that are nice to know.

Summary

According to a recent Raytheon/Websense survey, only 28 percent of executive respondents felt the security metrics used in their organizations were “completely effective,” whereas 65 percent felt the metrics were “somewhat effective.” There is tremendous room for improvement in companies of all sizes across all industries.

The risk exposure for failing to implement reasonable security practices is enormous – not only in terms of penalties but also in terms of customer and supplier loyalty and future revenue streams. Properly securing customer data is not just a good thing to do to keep customers satisfied but it is a sound business practice.

With breaches in the news almost weekly, one could be led to believe, falsely, that most companies are choosing to ignore reasonable security practices. There are failures of commission as well as omission, and many individuals just do not follow through on corporate practices, which is why monitoring is a must.

Business and IT executives should ensure sound security practices are in place, constantly monitored, and reported to the CEO and Board of Directors on a periodic basis in the course of each fiscal year.
