A more up to date version may be "Press the send button in haste and repent at leisure". In the end it is all about protecting valuable, business critical data being wrongly distributed, largely through human error.
According to The Australian Information Security Tracker in 2016, 46% of small business owners and 38% of C-suite executives in Australia named human error as the biggest source of a potential data breach. 29% of SMBs had either never trained staff on information security policies, or didn’t have these policies in place.
Shred-It national sales manager William White said, “Leaked confidential information can not only hurt a company’s reputation but also put them on the wrong side of the law. Businesses must understand the responsibility they have to ensure their employees fully understand how to handle and dispose of information. An educated workforce is one of the first steps to ensuring your organisation is protected from data thieves.”
Tim Upton, founder and CEO of Titus was in Australia and gave iTWire a valuable insight into how Australian enterprises and government organisations can protect data through classification.
{loadposition ray}
First a little about Titus – its prime purpose is to help business and government protect valuable, business critical data and comply with a raft of emerging regulations like the European General Data Protection Regulation (GDPR) that will have global ramifications as it is adopted more widely.
Titus’s business is to discover what data you have, enable its classification and then secure it appropriately so it does not end up on someone’s mobile phone or in a private email. Its first Australian client was the Federal Government in 2007. Ten years later over 30 Federal Agencies use it to protect communications to comply with the Australian Government Email Protective Marking Standard (EPMS).
Q. What brings you to Australia?
It has been five years since I was here last. We have a large customer base here already, both in the public and the private sector. We also have a fantastic team headquartered here which is new in the past two years, so it allowed me to spend some good quality time with them and Managing Director David Land and ANZ Sales Manager Chad Wenger.
Q. What is your message to Australian businesses while you're here?
We’re certainly seeing that most businesses are struggling with information protection and data breaches. They've tried a lot of things, most of them so far with limited to no success, so it's time to try something just a little bit different. We attack the root of the problem – that is, first of all, the people, make them a little bit better, and then also attack the sea of data and give it an identity.
Q. Can you tell us more about how TITUS create a culture of security amongst organisations?
Culture is something that changes slowly over time. There hasn't been a lot of emphasis on it historically because businesses have tried to solve the problem of data security by putting in point solutions or black boxes that were supposed to be the miracle cure, but after many years and much expense with limited results, businesses have come to realise that the people, the employees, are participants in the breaches.
They're part of the problem so we need to turn them into part of the solution, and the way that we do that is by first educating them, then enabling them and then eventually enforcing the policy.
Q. When you've met customers here what have they told you about Australian issues, and security struggles their facing?
For most of them, interestingly their budgets continue to increase and that's likely because they haven't been able to solve the problem. But their teams are still overwhelmed and they don't feel like they're making any progress. With our solutions, they are more than happy to shift the responsibility of data protection down from a small group of information security professionals, down to the business units, down to the content creators, to the content owners, because they're the ones who are subject matter experts.
Getting them involved in the discussion and to become accountable is extremely attractive to those who are fighting the fight with limited success so far.
Q. What are your thoughts on the Australian security landscape and how does it differ from the one that you have in Canada and the States?
It's quite similar. People and organisations are suffering from the same fatigue and exhaustion from trying to fight the battle and the data's still getting out. There have been lots of public data breaches that we've all heard about, and many, many that you don't hear about. It's the same in North America, the same in Europe; it's the same everywhere, the same problem.
Q. The Australian senate has at last passed mandatory data breach notification laws. What are your thoughts on this legislation and what laws have you seen in other countries? Is it a good thing?
Absolutely. This is good for the consumer, it's good for the public, but it's going to be a rude awakening for companies because these breaches happen every single day. The burden that it’s going to put on an enterprise to start tracking, reporting and investigating these incidents is going to be enormous, well above the burden of the potential fines that could come out of it.
It's the management of the actual activity and disclosure that is going to be a huge burden for Australian companies. Similar legislation is coming into effect next year in Europe, namely the EU GDPR. Companies who work in the EU must comply with that, and those will also be very costly for enterprises to comply with. Both Canada and the US have different legislation, all usually centred around privacy with different rules all being deployed. Everyone is struggling with it the same way.
Q. What do you see as Titus’s growth areas for 2017 and beyond?
Large enterprises are a focus for us currently as they are the ones that struggle the most when it comes to culture change. It's easier to change the culture in a small organisation, but with a large enterprise, you must have a systematic approach and it takes more time. That's been our focus and that's where we're having a fair bit of success as well.
Q. Are there certain areas you're looking to cover in terms of business operation?
Financial services, manufacturers and indeed any organisation with intellectual property will be a focus area for TITUS because we understand that IP is something that has been traditionally very hard to comprehend where it is, what it is and therefore, what needs to be protected.
Header image credit https://blogs.msdn.microsoft.com/mthree/2010/07/22/when-it-comes-to-tweeting-be-thoughtful/