The Schellman Blog

Chief Information Security Officers (CISOs) aren't what they used to be. According to the Identity Theft Resource Center, data breaches exposed over 169,068,506 confidential records in 2015. Before cybersecurity became top talk within the IT world, CISOs were responsible, in general terms, for security. Today, they play a much more integral role in the enterprise.

Co-Authored with Kurt Long from Fairwarning and originally published on informationsecuritybuzz.com Today’s modern CRM systems are vital to your business’ success. CRM data now holds every aspect of your business’ proprietary information from corporate intelligence to sales data; as well as your customers’, from buying patterns to PII. A data breach to your CRM could be devastating to your organization resulting in lawsuits or irreparable harm to your brand’s reputation and customer trust. With so much at stake, here is what you need to know to protect your CRM.

Securing top management’s support is essential for the success of critical information security initiatives. Leadership buy-in drives the prioritization of security standards and best practices and helps to cultivate and foster a strong company-wide commitment to security-focused compliance.

Your company has internal security measures in place, and it has met many compliance requirements. But do these things mean your business is now immune to fraud? Probably not. Research shows that 75 percent of companies have fallen victim to fraud in the last year.

Formerly known as Service Organization Controls (SOC) reports, what are now known as System and Organization Controls reports help companies establish trust and confidence in their services or products, including their delivery and business processes and their controls.

[NOTE: Schellman has since updated this content in a more recent article.] Think of your auditing firm like you would a long-term business partner. They are someone you will work with year after year, and they will be an integral part of setting the stage for your organization’s success. As such, the act of selecting the appropriate assessor shouldn’t be taken lightly. Here are several key qualities your organization should look for when choosing an auditing firm:

According to a study by Ponemon Institute, companies that had data breaches involving less than 10,000 records had an average cost of data breach of $4.7 million and those companies with the loss or theft of more than 50,000 records had a cost of data breach of $11.9 million.

As CEO of your company, you’ve worked hard to grow the business and ensure success. But there can be a roadblock to future growth of your organization—lack of compliance. This can have several negative effects on a company including loss of customers, fines and a lack of trust among current customers or prospects.