From user-friendly software, to complying with data protection regulation, Rick Goud, CIO and Founder of Zivver, lists the top three email security priorities for CISOs and explains how secure communication platforms are addressing their needs.
As teams across the public and private sectors continue to work remotely, accessing and handling huge amounts of sensitive and confidential information over email, outbound data security breaches are a continued cause for concern.
Email is one of the most used communication methods between organisations, employees, and clients. Yet it is the one that’s most prone to errors. All eyes are currently on Chief Information Security Officers (CISOs) to ensure sensitive and important information remains secure but what should their top priorities be when it comes to secure email use, and how can technology help?
Priority 1 – Complying with laws and regulations
In 2018, the General Data Protection Regulation (GDPR) was implemented to overhaul how businesses process and handle data. However, three years later there remains plenty of confusion around the rules, and it can be difficult to spot if existing communications platforms are fully compliant.
Error prevention technology will help a CISO easily comply with data protection regulations, such as GDPR, from anywhere. That’s because the software’s strong encryption and user authentication, alongside smart technology, is designed to prevent human error.
Priority 2 – Creating and maintaining good cyber security practice
The CISO looks for certainty and will have a preference for a solution that is well-known for its quality, reputation and use cases. CISOs needs solutions to work for everyone, from employees to external users.
Many organisations still do not secure their emails by default, meaning all messages circulate unencrypted. As a result, anyone can access an email, even if they were not supposed to receive it.
Driving good cyber security practices into the wider organisation requires a cultural change, and one that can be difficult to make across corporate silos.
Having people overhaul their familiar and comfortable way of working is often a recipe for disaster – especially when they have already had to switch to remote working – resulting in low and slow adoption. People will find their own workarounds because they don’t believe they need to change, and often, a secure comms system is too difficult for them to use.
When training or attempting to change a team’s day-to-day processes, it is much easier and more effective to show, rather than tell. Error prevention technology has the ability to illustrate where staff are going wrong when it comes to handling and sharing sensitive data, it is simple to set up and easy for teams to use from day one, wherever they are.
Priority 3 – The secure communications platform must be easy to use
If an existing system is cumbersome for staff and recipients to use, this leads to low adoption, therefore increasing risk. Outbound email error prevention software is quick to deploy, and easy for anyone to use with minimal training. It integrates seamlessly with services like Outlook and Gmail, resembling tools like the ones most of us already use. These easy integrations enable users to send communications safely without needing to change existing workflows.
COVID-19 has no doubt altered how public and private organisations work and operate, and this change should be seen as an opportunity to improve working practices to ensure staff can easily safeguard citizen’s data and comply with regulatory requirements.
As we look to the post-COVID world, let’s look to make it one where security is at the heart of communication practices so that CISOs and their teams can work with confidence wherever they are.
Dan Patefield
Head of Cyber and National Security, techUK
Dan Patefield
Head of Cyber and National Security, techUK
Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.
Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.
Raya Tsolova is the Programme Manager for National Security at techUK.
Raya is responsible for all National Security related activities across techUK, specifically in the established programmes of Defence, Cyber Security and Justice & Emergency Services. Raya will leverage relationships with existing stakeholders across the three programmes, and will build new relationships between techUK and key stakeholders who are of interest to member companies.
Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week.
Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there.
Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows!
Freddie MacSwiney is the Programme Manager for Defence and Cyber Security at techUK.
Prior to joining techUK, Freddie worked as a Government Adviser for a firm dealing in International Relations, where he briefed Politicians, Ministers, Heads of State, Diplomats around the world on key issues from Defence, Security and other key issues and aligned them with the UK.
Jill Broom
Programme Manager, Cyber Security and Central Government, techUK
Jill Broom
Programme Manager, Cyber Security and Central Government, techUK
Jill is techUK’s Programme Manager for Cyber Security and Central Government, supporting the work of both programme teams and promoting better engagement between the public and tech sectors.
Prior to joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
With an MA(Hons) in American Studies from the University of Edinburgh, Jill continues to be fascinated by the history and politics of the USA. Otherwise, outside of work, she can be found up a hill, swimming in a loch or curled up with a good book.
The techUK Annual Dinner will take place on Wednesday, 13 July 2022. Our Annual Dinner is the established, must-attend business dinner in our calendar. The evening will begin with a drinks reception, allowing ample networking opportunities, followed by a fabulous dinner and speeches from the country's leading technology stakeholders.