After much grief trying to secure accounts that we did not ask for, we’re given an apology.
Don’t know about you, but I don’t want an apology.
I want Equifax to have fixed cybersecurity before it broke.
I want Equifax to have taken the necessary time required to avoid a mess before having me spend my time fixing their mess.
How can you avoid a similar mess?
What data needs to be shared? (have one master list for the company)When does it need to be shared with whom? (map who gets what data when, create administrative levels and access keys)
What safeguards are put on the data and databases? (infrastructure security and company discipline – put in the patches, it’s just a download)
How often are the interfaces tested? (preventative maintenance – and since this is an area with access to a lot of data, use predictive analytics to highlight your infrastructure weaknesses)
Don’t allow access to sensitive data unless in a secure environment. (no more anyone anywhere has access to any data at any time – your customer’s data and their customer’s data hold sensitive information).
Have a strategic framework to organize all of these decisions.
Hire outside firms to hack your systems and show where your weaknesses exist. Then have them tell you how to secure the breached areas.Can’t afford an outside firm? Contact a university with a strong cybersecurity curriculum. Create a master’s level semester project hacking your system and strengthening it. There may even be a special university institute setup just for this.
If you are a small manufacturing entity, contact your regional NIST MEP for help (Manufacturing Extension Partnership).
Have your suppliers and distributors do the same.
Know how a breach will affect you and where. Have early warning systems built in.
Cost isn’t everything. Perfect Performance when Reliability is required is everything.You can get it, but you need to align your business to the right performance goal and reward behavior that stops breaches before they happen.
Make sure your tactical management understands exactly what the executive team wants and how it is measured so that you build in cross-functional cooperation from the very beginning. Only then can you get alignment.
Know what performance your customers and their customers really expect from you.
Key words and concepts: Cybersecurity, performance, customers, reliability, supply chains,
About the author: Cynthia Kalina-Kaminsky with Process & Strategy consults with and provides training for organizations eager to increase their competitive value by helping enable growth, align performance, make and move product (even when the product is electrons). She is teaching SCOR (Supply Chain Operations Reference model) in Baton Rouge this October. SCOR is the framework Fortune 500 companies use to increase their performance.