We have read countless articles on data security, but not one about having a good relationship with the people you entrust with your data security. There seems to be a misconception that data security is something not easily understood or practiced, and so should be left to the skills of a limited few who work in isolation to “fix” the problem. This is not realistic. Data security is a daily issue requiring a high level of trust and constant communication between your company and those people. It is a work in progress. A marathon as they say, not a sprint. And you need hard working people on your team.
Do you have a data security partner or just a breach hotline—that number you call only when something goes wrong? Do you have a cyber-security insurance policy? If you do, it is comforting to know that you likely have a number to call and help will be waiting. What you are doing now, every day, to lessen the risk is what really matters.
You need a partner. Someone who will not only give you good advice, but will meet you in-person at your office and understand how your business really works. A trusted advisor lessens the burden placed on you to explain as much as you can over the phone, allowing you to focus instead on company demands.
To be clear, cyber-security insurance is critical. It is as important as general liability or workers’ compensation insurance. The problem is that cyber-security incidents are generally not one-time, unique events like an accident. There is no simple one part solution to fix the problem. This is why knowing and actually meeting on-site with those giving you advice is important. The U.S. Department of Homeland Security has a motto: “Stop. Think. Connect.™” It is simple, and condenses important concepts into these short, directive instructions. Data breaches exist because we have not stopped to think and discuss data security. We are so used to just plugging something in and expecting it to work that we don’t consider the consequences when technology fails and leaves us vulnerable.
The manufacturing industry was an early technology adopter. That same practical approach continues today with projects being done with hand-held tablets and powerful computer servers to manage everything from three-dimensional software to completely integrated on-line build schedules. All of this technology is aimed towards the single purpose of manufacturing safely what was promised, on time, and within budget.
Technology makes the process more efficient. It does not replace individuals still doing the work. That is why, for example, a computer does not handle safety meetings. Effectiveness in that area requires one person to say to another, “don’t do this and if you do I am going to remove you.”
All of this might seem overwhelming, but it doesn’t have to be. To borrow a phrase from the Federal Trade Commission—start with security. Think about data security just like a morning safety meeting. Make it top of mind so it becomes a part of the daily practice and so it is reflected in your business and growth strategy. Include trusted partners that not only provide you advice when a problem arises, but also help in the prevention of problems before they occur. This should be a working relationship. One filled with meetings, calls, and thoughtful discussions about what protections you need to keep your business running and keep your team focused on your core work.
Reprinted with the permission of The Goods, Kentucky Association of Manufacturers, ©July 2016