The world is spinning with data while companies large and small build their fortunes on it. Trade secrets? Customer details? Regulatory reporting? All of these rely on data that is abundant, available and secure. Lose your data and you risk losing your company. But any security expert – or criminal – will tell you that the easiest way into secure data is through the people who are trusted with it. In fact, a quarter of all data breaches are caused by human negligence.
Meet Matthias Klaer, director of risk and compliance at Hitachi Vantara. “Awareness is crucial. Humans are very often the first and last line of defense,” Matthias said. “Each single employee can be seen as a source of a data breach.” To help abate that risk, Matthias led the company’s Cyber Security Awareness Month (CSAM) in October. The campaign was paired with National Cyber Security Awareness Month, which was promoted by another organization that is just as aware of the importance of security: the U.S. Department of Homeland Security.
Matthias’ goal for CSAM was to educate employees and create, refresh and maintain awareness of existing information security and policies. Of course, everyone knows that data security is important. But many employees are unaware of the new risks that come with the new ways we use data today. Matthias uses cloud services as an example. “Users often think that the cloud service provider is solely responsible for protecting data when in fact the user bears a good amount of responsibility. Without these awareness campaigns, this responsibility would not be understood.”
Because today’s digital environment transforms the way we use data and information, employee education and awareness on data security must evolve with it. “We need to learn new tricks and do things differently,” Matthias said. “Data is the currency in today’s digital landscape,” Matthias says. “It has value and we need to do a stellar job protecting it. Only if we can protect that currency will we be able to instill trust in our products and services.”
Despite its importance, creating and keeping employee engagement was a tough challenge that Matthias is relentless in solving. In its first year at Hitachi Vantara, CSAM largely relied on lectures as its basis for education. This time around, the company’s third, Matthias experimented with many different ways of communication and education. He built email campaigns, wrote intranet posts, produced videos, created quizzes, planned games and even found programmable robots to offer as prizes for participation. He also improved simple access to the requirements themselves. “The policies have been there before, that’s not new, but the format is relatively new. We moved into an online, more user-accessible format for the first time.”
Tracking the results of his many methods and employee engagement, Matthias found that participation more than doubled from last year’s campaign. Ever the champion of complete data security, Matthias thinks it’s still not enough and he’s committed to improving every way he can. “This is not sufficient, but it will help” he says of CSAM. “My ambition is to get more of the company to participate. Maybe we need to try different ways of teaching. There’s a steep learning curve here.”
Just as Hitachi Vantara helps our customers transform for a data-driven world, Matthias is helping his colleagues to remain current with the new demands of data security to protect the information that drives the company’s success. It is, of course, a learning process for all. Matthias, though, seems to be a bit more impatient and ambitious than most, so it’s a good thing he’s in charge of information security.