How Critical Is Information Security In Your Business? | EMEA
Information Securit

Information security is one of the most important areas of business for any company that is trusted with customer data. Industrial hacking and espionage is on the increase and any loss of sensitive data can cause an existential threat for your business. Quite literally, a data loss can mean an expensive catastrophe from the share price collapsing to complete closure.

So where should you be focused if you want to ensure that you have your information security strategy under control? The Information Security Forum (ISF) recently published a useful list of the five trends that they believe will define this area in 2016.

  • The unintended consequences of state intervention
  • Big data will lead to big problems
  • Mobile applications and the IoT
  • Cybercrime causes the perfect threat storm
  • Skills gap becomes an abyss for information security

I believe that they missed an extremely important area – customer service. Contact centre security and fraud deserves serious planning because this is where the customer relationship is mostly managed. The contact centre team will be managing a lot of sensitive information creating a need for strong information security. Let’s briefly explore each of those trends in turn.

The unintended consequences of state intervention

Legislators are usually far behind a hi-tech industry that is always innovating. Requests for systems such as back doors and the ability to access information could cause future difficulties for many organisations. Look at how tools like Whatsapp use encryption that means even the company owner (Facebook) does not know what is being transferred.

 

Big data will lead to big problems

Companies will be making more decisions using enormous data sources, but they need to also be able to verify the integrity of the data. If you don’t control the source then you cannot rely completely on the analysis of the data.

 

Mobile applications and the IoT

Work in offices has become more mobile and less fixed. Opening your network to many devices introduces new risk, particularly as we move into the Internet of Things environment where devices come on stream even with a human operator.

 

Cybercrime causes the perfect threat storm

Cybercrime is your number one threat. Compliance, regulation, dealing with hacktivists, and the advance of technology are all creating a perfect storm with your business at the centre. Criminals, activists, and terrorists can all target your business, causing disruption and they are extremely well organised.

 

Skills gap becomes an abyss for information security

You cannot avoid every single information security incident, but you can build a plan to protect against most and have processes in place to deal with an issue that arises. However, the bad guys are generally developing plans faster than those on the corporate security teams. This is creating a genuine problem that can be very expensive to manage.

 

Contact Centre Security and Fraud

As I mentioned earlier, the interface with the customer will often involve secure information, such as payments. Contact centre environments need to be managed so that even the agents with access to sensitive information have no way to copy or download the information within fully compliant environments. Agent education on security and fraud should be part of the contact centre on-going training guidelines that go deeper than just education but into the physical security aspects of the role of an employee within a corporate structure.

Each of these information security trends is important, but I believe that managing security around the interface with customers is one of the key challenges facing executives today. The customer wants a great experience and this often requires personal data to be shared or utilised by customer service teams – ensuring this data is not misused is one of the key management challenges you need to be planning for today.

Companies should have well-defined security processes and stringent policies related to hiring, training, IT infrastructures, security regulation certifications, and security management methodologies. In short:

There should be a culture of protection and security everywhere.

Photo by Rodger Evans licensed under Creative Commons.


What do you think about this post?
Leave us your comment.

avatar

*