Cybersecurity and Information Governance Should Be Approached As One
Bringing two pieces of a vital puzzle together to see the bigger picture.
Cybersecurity is all about the protection of valuable data. Information Governance is very much about the strategic management of data and thus includes not only aspects of data security but also data storage, data workflows, life-cycles, retention and eventually destruction.
That cybersecurity and IG are natural partners has not escaped forward-thinking organisations. However, many companies still have tendencies towards siloing many functions. The fact is, a business can be likened to an organism and within an organism, all the parts or organs have to function together.
Close communication between Information Governance and Cybersecurity is natural, and here is why:
Where is Your Data Located?
Cybersecurity tasks include preventing data loss, locating and shoring up vulnerabilities, ensuring network security and dealing with general data security issues and even training employees to operate safely with data.
Information Governance will as part of its mandate determine where an organisation’s data and records are kept. Data may be kept in-house or located with a third-party data management and records management company, or even a hybrid of the two.
Together through regular communication, these two vital units will be better able to safeguard the use and prevent misuse of an organisation’s data.
We live in an age of Big Data. Vast amounts of data are generated every day, some of it is highly valuable or sensitive but much of it is next to useless. Still, this does not stop many companies from following a ‘keep everything’ approach.
While the ‘keep everything’ approach may appeal to many organisations who feel they lack the capacity to create proper Information Governance policy or to those who feel overwhelmed it is nonetheless an expensive approach and one that also increases risk.
Information Governance and Cybersecurity can work hand-in-hand to prioritise data. The more important and valuable data can be given the highest levels of security and protection in terms of backups and archiving while less valuable data can be handled on a less urgent basis.
While data hoarding is a reality, valuable data can still be identified and secured even where an organisation’s IG and Cybersecurity units are small.
Reducing the Workload
The easiest way to reduce your workload is to do your work right the first time. Thus, when it comes to Information Governance and Cybersecurity, the best approach to assessing risk, prioritizing critical information, eliminating redundant, obsolete and trivial (ROT) content, evaluating threats and developing employee training and awareness programmes is to do so as a collaboration.
There is simply no point for both units to each do their own assessments, especially since the likely hood of conflicts due to lack of understanding can cause major issues down the line.
As long as each unit is upfront about their viewpoints and why they have them, then common ground and agreement can be found and a mutually beneficial working relationship can advance.
Partnering with Iron Mountain South Africa
Iron Mountain South Africa is at the forefront of Records and Information Management and Information Governance Policy best practices. Contact us today to find out about the right solutions for your organisation and enjoy greater peace of mind.
Image Credit: Pixabay/cristianrodri17