By Todd R. Weiss
For businesses today, running their everyday operations, selling goods and services and dealing with customers can often be the easy parts of their responsibilities. The much more complicated and worrisome part arguably is keeping their operations secure from malicious attackers around the clock and complying with all the varied regulatory rules and hurdles from governmental and industry agencies involved with banking, finance, health, food and a myriad of other areas.
That’s where the upcoming presentation, “How Security and Compliance Could Save Your Client,” March 10, part of the security conference track at the Channel Partners Conference & Expo, can help provide useful insights for channel partners who provide security and compliance services to business customers.
In his presentation, Jason Duchnowski, channel chief of Otava, will talk about how regulations and standards, from HIPAA to PCI to ISO 27001, together with cyberthreats from ransomware to phishing, can make the heads of business leaders spin. He’ll also describe how trusted IT partners who help their clients effectively fight cyberthreats and maintain compliance with all the pertinent regulations and standards can be a huge boon for businesses, letting them focus on their core operations. Duchnowski will describe how the consequences of successful data security breaches can severely impact service providers as well. The presentation will stress that regulatory compliance is a skill set that every channel partner must have in today’s security and regulatory landscape, but also show that it doesn’t need to be intimidating for partners. Using his tips and clear approach, Duchnowski will walk attendees through compliance basics and give them a plan of action for how to get ahead of regulatory hurdles.
In this Q&A with Channel Partners, Duchnowski gives a sneak peek into his upcoming security and compliance presentation at the conference.
Channel Partners: Security breaches seemingly are everywhere nowadays — so what clear compliance steps and strategies can businesses take to fight them?
Jason Duchnowski: Breaches are seemingly everywhere today because the likelihood of experiencing a data breach continues to rise each year. Studies have shown that companies now have nearly a 30% chance of experiencing a data breach within a two-year time period. Statistically, businesses should prepare for the inevitability that they will be breached, so how you fight a data breach is more of a defensive strategy. There are three major aspects that should be considered when protecting the business from data breaches: First, buy sufficient insurance to cover breach incidents; second, be aware of the factors that increase or decrease both the per-record cost and total breach cost; and third, implement a strategy that shortens the breach life cycle.
CP: If a business already is taking action, what are some of the steps they must absolutely ensure that they are implementing from the start?
JD: Create an incident response team that follows an incident response plan. Test the plan regularly. Technologies that should be highly considered include encryption, security automation and business continuity.
CP: How can regulatory compliance be made less intimidating?
JD: Involve an outside firm for help if your company does not have the expertise. In either instance, a company security and compliance officer should be appointed. This individual is the focal point for internal security concerns as well as …