May 23, 2016 By Kevin G. Joseph 3 min read

Relationship: Loyalty, Integrity and Trust

It’s no surprise that the business environment has dynamically changed in recent years. Technology has become a major factor in every facet of our lives. Individuals can now take conference calls from their cars, schedule next week’s dinner while on the go and book their next vacation in seconds, all thanks to technology.

But technology often distracts us from what is most important. Whether I’m consulting on how to protect critical assets, having a discussion around cloud and mobile or speaking to the importance of optimizing a security program, my goal isn’t to project intelligence, knowledge or experience. Those traits are advantages, but not requirements.

There are three things that every person should look for when selecting their service provider: loyalty, integrity and trust.

Building Relationships Is Not a Part-Time Job

Countless organizations in the information technology industry spend a great amount of time on pre-sales, opportunity identification and product knowledge. They are constantly investing time and money to ensure their business processes are executed flawlessly and the sale happens quickly. However, in the security sector more than any other, building a relationship with clients cannot be a part-time job or an afterthought in this process.

I am entrusted every day to protect the financial information of my clients. I have a responsibility to protect the health data of the sick and the personally identifiable information of minors.

The blunt truth is that anybody with the right technology can protect data, but no one spends the time I spend creating and building that long-term relationship; for me, building that relationship is as important as the information I protect.

Protecting Your Organization’s Reputation

To be successful in information security, you have to invest to making relationship building and trust building a full-time job. Why? Because we are all stewards of different things: Bankers handle money; doctors impact health; teachers control education; parents raise children.

As business leaders, your employees and customers trust you. You are entrusted with their personal and financial information. Their way of life is dependent on how well you protect them.

As Warren Buffett once said, “It takes 20 years to build a reputation and five minutes to ruin it.” This is one of my favorite quotes from the chairman of Berkshire Hathaway. Unfortunately, while this quote is applicable to other industries, it does not apply to cybersecurity.

In the cybersecurity world, it doesn’t take five minutes to ruin your reputation. You can see it happening it real time as a cybercriminal compromises your customer’s information and your business ends up as a top headline in the news.

You cannot be fully committed to building relationships if you are not committed to earning the trust of your clients. The best way to earn that trust and begin to build that relationship is to ensure your organization has taken every measure to keep your client’s data safe.

Don’t wait until you are breached before taking action. Take it now and be proactive instead of reactive.

Three Types of Companies

In my opinion, there are three types of companies:

  1. Companies that have been hacked;
  2. Companies that are about to be hacked; and
  3. Worst of all, companies that have been hacked and don’t know it yet.

When looking for a new financial service provider, hospital, bank, etc., I strongly advise my clients not to do business with them unless they have a cybersecurity program in place.

No security solution can guarantee 100 percent immunity from a cyber breach. But the organizations that have the technologies in place and an action plan to protect my business have a leg up on the competition. After all, if you can’t make an investment in protecting what is important to me, how can you say you are fully invested in our relationship?

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today