Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Governance tactics to reduce cybersecurity vulnerabilities

No organization is safe from cybersecurity threats in the digital age: Whether through hacked emails, malware or ransomware attacks, intellectual property theft has become a big business.

Businesses of all sizes are subject to these cybersecurity vulnerabilities that can have a major negative influence on companies' customer relations, finances and legal standing. And while no organization has unlimited resources to offset these threats, a strong information governance program goes a long way to help alleviate cybersecurity challenges, said Diane Carlisle, IGP, CRM, executive director of content at ARMA International, during a recent SearchCompliance webcast.

"There are internal threats as well as external threats," Carlisle said, who was joined by fellow speaker Mark Grysiuk, CRM, CIP, during the webcast. "It's also clear that if the employees of an organization are making bad information governance decisions, that's going to have an impact on the security of your information."

The sheer amount of structured and unstructured data generated by the typical modern organization presents big challenges to a company's information governance program. From an information security perspective, all data must be processed and analyzed to avoid unauthorized access. 

As a result, organizations that do not systematically delete information with no business value are setting themselves up for cybersecurity vulnerabilities.

"We might be losing the game -- companies are collecting and storing more information than they know what to do with," Grysiuk said, who is currently a senior advisor of information security governance at Bell Canada. "Retaining data that has zero value in a high-cost, active environment is a legal and operational liability. Why pay to protect information that is obsolete?"

A good, strong information governance infrastructure is going to be a key part of addressing your cybersecurity challenges.
Diane Carlisleexecutive director of content, ARMA International

This is where a strong information governance program is most beneficial to cybersecurity efforts, Carlisle said. Something as simple as data retention and disposition protocols can go a long way to protecting vital company information, she added.

For these programs to be successful from both a governance and cybersecurity standpoint, however, requires integrated perspectives from all of an organization's departments, including legal, finance and security. For example, Carlisle noted that many companies' legal and compliance processes rely heavily on data management processes to produce quality data as evidence.

Carlisle offered some common questions companies should ask when developing an information governance program, including:

In other words, before the company can determine what data it can delete to avoid cybersecurity risks, it must first make sure the information won't be needed down the road.

"There is a real collaborative nature to information governance itself," Carlisle said. "Without all of these perspectives represented and being considered in any information governance decision, there will be significant gaps."

In this webcast, Carlisle and Grysiuk discuss the common cybersecurity vulnerabilities facing companies today, and how a well-planned information governance program helps offset these seemingly endless risks. By applying smart information governance principles to cybersecurity efforts, companies can better understand data threats and determine the best mitigation steps, Carlisle said.

"A good, strong information governance infrastructure is going to be a key part of addressing your cybersecurity challenges," Carlisle said.

View All Videos

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What information governance best practices do you think are best suited to also help prevent cybersecurity challenges?
Cancel
What I’ve seen is that, in many cases, the business has no use of the information that’s sitting out there, and quite often doesn’t even realize that it is out there. The data is really just a big liability from both a regulatory and security perspective.
Cancel
I have heard that quite a bit too- companies' data volumes are so large now that they have endless amounts of unstructured, unused data that could come back to bite them later on. I think a lot of companies are hesitant to get rid of any data, thinking it might prove to be a useful asset or be needed for legal or regulatory purposes at some point. In reality, they are better off implementing defensible deletion schedules to ensure they are getting rid of this useless data that could be a huge liability.
Cancel

-ADS BY GOOGLE

SearchCIO

SearchHealthIT

SearchCloudComputing

SearchDataCenter

SearchDataManagement

SearchSecurity

Close