Skip to Main Content
Home » Blogs » Data Security is Everyone’s Responsibility

Blog

Data Security is Everyone’s Responsibility

rpa-big

For many years, software companies have trudged down a path of making updates and releasing enhancements to their applications, in hopes that their customers will find value in what they produce. In today’s world of customer journey mapping to enhance and understand the customer experience, that thinking no longer works.

Personally, as the Head of Product Management for iGrafx, I try to get out of the office as often as possible to hear exactly what the market and our customers are saying. To that end, a few weeks ago I had the privilege of attending the Enterprise Risk Management Symposium in Portland. Here are a few of the highlights I picked up.

  • IT Security is a matter of culture not technology. That means that the whole organization needs to be included in understanding and implementing the required behavior.
  • While everything in IT needs a process, documentation, and the metrics to monitor the behavior, they also need to understand the other processes that they support, and the systems used. Additionally, it is imperative that they understand the risks of a process or system failure and ensure there are mitigating controls in place to nullify or, at the very least, minimize the disruption. Processes for dealing with incidents should not be taken lightly. It is not a matter of “IF” there will be an incident, only “WHEN”.
  • You should have an inventory of “Capabilities” which can identify relationships to not only other capabilities, but also to the processes that support them, as well as identifying the risks for failure. It is also important that groups can identify gaps in their capabilities so that they can address them before they became real issues.

The biggest shock to me, and also the biggest takeaway, was how impressed the group as a whole was with GDPR. While the new regulation at present is a bit of headache, as everyone rushes to be compliant by May 25th, they were very much impressed. It was also clear that this group was already moving in a direction to work with US law makers to enact a similar regulation here, using GDPR as a template. If you have not heard about GDPR you can find out more about it, who it impacts, and what you can do to be ready here.

Overall, I enjoyed this show. It provided a lot of good insights into the challenges and ideas of those who are tasked with handling Risk Management. But most importantly for me, the ERM Symposium really helped build confidence and validation in the direction of iGrafx, as we continue to develop and evolve with the market.

Related Posts

Risk and Opportunity Process Excellence – Promote a Culture of Risk Management

  • clock October 30, 2018
  • author-icon James Berrocales
  • 0 comments

Risk Management is part of our daily lives. It is so entrenched in our routine activities that we may not even realize it. What is...

Read More

Why Top Tech CEOs & CFOs are Worried

  • clock August 22, 2018
  • author-icon Jamey Heinze
  • 0 comments

I just ran across a really interesting infographic produced by Wells Fargo, titled: “What Keeps Tech CEOs and CFOs Up at Night?” It’s interesting to...

Read More

Risk and Operational Excellence – Two Sides of the Same Coin

  • clock July 26, 2018
  • author-icon Robert Thacker
  • 0 comments

Risk is a part of all our daily lives. Every day we face challenges and risk that may impede our progress toward our daily goals....

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WEEKLY DEMO

Join us every Wednesday for an expert-led demonstration of the iGrafx Platform

Close Icon