So Where Are Companies Now - Post GDPR?
Hello everybody, it’s been a few months since my last article but the summer months have freed up a little bit of time.
When I sat down to write this I thought of the starting point with the last few clients I’ve engaged with and what was on their mind or rather where they had got to in a short space of time. It wasn’t GDPR and it wasn’t security, because you know everybody is GDPR compliant and has no security worries don’t they. Sorry that’s my cynical and well-conditioned mind!
Like most they were adamant they had it all covered and at that point I didn’t know as much about the business as I do now. What I did know and what they were really happy to talk about was their company achievements, their objectives, vision and values. They had not given any consideration to three really critical things. The first, how was their current position was going to help them deliver their objectives, the second does their current approach sit well with their values and third, had they understood and assessed the threats to their business. It’s worth you thinking about this in the context of your own business, but before you do let me share something with you, it’s a conversation I had with my 11 year old and the same conversation I can remember my parents having with me when I was his age.
As a boy I really didn’t enjoy reading, 5 minutes was too much, my son although he’s enjoying it more than I ever did he’s still not a big fan. I’d sit on my bed with the book in my hands going through the motions. Sometimes I’d even read the book or at least I’d say the words in my head. I didn’t pay attention to what I was reading, I wasn’t present. I got away with it for a while, I was really good and adamant I’d been reading until my parents asked me to tell them about the book I was reading and had to answer questions the teacher had set for me on the book. Boy did I come unstuck. I’m sure you can guess what happened.
Now, back to my clients and possibly your business. They had gone through the motions, changed a couple of policies, borrowed others off a similar company (but bore no representation to their business), been to a seminar, thought all their information was safe and secure but had no really comprehension about either what was involved or the negative impact their approach was really having on their business. By the end of the meeting the light bulb was on, this isn’t about data protection or information security or not wanting to do something that costs money, it’s about how to run a successful, maturing business, one where delivering on objectives is in everyone’s interests and like it or not customers are interested in how their suppliers look after them.
Think about that when you think you’ve got it covered and ask yourself if you’re just going through the motions or is what you have in place really doing what it’s supposed to do in helping you achieve your objectives, live your values and de-risk the company?
Feel free to get in touch if you have any questions jezz@i-Secured.co.uk