From user-friendly software, to complying with data protection regulation, Rick Goud, CIO and Founder of Zivver, lists the top three email security priorities for CISOs and explains how secure communication platforms are addressing their needs.
As teams across the public and private sectors continue to work remotely, accessing and handling huge amounts of sensitive and confidential information over email, outbound data security breaches are a continued cause for concern.
Email is one of the most used communication methods between organisations, employees, and clients. Yet it is the one that’s most prone to errors. All eyes are currently on Chief Information Security Officers (CISOs) to ensure sensitive and important information remains secure but what should their top priorities be when it comes to secure email use, and how can technology help?
Priority 1 – Complying with laws and regulations
In 2018, the General Data Protection Regulation (GDPR) was implemented to overhaul how businesses process and handle data. However, three years later there remains plenty of confusion around the rules, and it can be difficult to spot if existing communications platforms are fully compliant.
Error prevention technology will help a CISO easily comply with data protection regulations, such as GDPR, from anywhere. That’s because the software’s strong encryption and user authentication, alongside smart technology, is designed to prevent human error.
Priority 2 – Creating and maintaining good cyber security practice
The CISO looks for certainty and will have a preference for a solution that is well-known for its quality, reputation and use cases. CISOs needs solutions to work for everyone, from employees to external users.
Many organisations still do not secure their emails by default, meaning all messages circulate unencrypted. As a result, anyone can access an email, even if they were not supposed to receive it.
Driving good cyber security practices into the wider organisation requires a cultural change, and one that can be difficult to make across corporate silos.
Having people overhaul their familiar and comfortable way of working is often a recipe for disaster – especially when they have already had to switch to remote working – resulting in low and slow adoption. People will find their own workarounds because they don’t believe they need to change, and often, a secure comms system is too difficult for them to use.
When training or attempting to change a team’s day-to-day processes, it is much easier and more effective to show, rather than tell. Error prevention technology has the ability to illustrate where staff are going wrong when it comes to handling and sharing sensitive data, it is simple to set up and easy for teams to use from day one, wherever they are.
Priority 3 – The secure communications platform must be easy to use
If an existing system is cumbersome for staff and recipients to use, this leads to low adoption, therefore increasing risk. Outbound email error prevention software is quick to deploy, and easy for anyone to use with minimal training. It integrates seamlessly with services like Outlook and Gmail, resembling tools like the ones most of us already use. These easy integrations enable users to send communications safely without needing to change existing workflows.
COVID-19 has no doubt altered how public and private organisations work and operate, and this change should be seen as an opportunity to improve working practices to ensure staff can easily safeguard citizen’s data and comply with regulatory requirements.
As we look to the post-COVID world, let’s look to make it one where security is at the heart of communication practices so that CISOs and their teams can work with confidence wherever they are.
Jill Broom
Head of Cyber Resilience, techUK
Jill Broom
Head of Cyber Resilience, techUK
Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week.
Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there.
Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows!
Tracy supports several areas at techUK, including Cyber Exchange, Cyber Security, Defence, Health and Social Care, Local Public Services, Nations and Regions and National Security.
Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!
Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!