Expert Announces Potential Weak Link In Cybersecurity
September 10, 2015 - Henry Schneider, an Austin, Texas Process Management expert announces a weak link in Cybersecurity that could put at risk any enterprise, including the national power grid and healthcare companies that hold millions of sensitive personal records.
Newspapers constantly announce that the nation's power grid is vulnerable to cyber attack. Delivery and control of this essential service depends on technology. Healthcare companies that hold some of our most closely guarded private information are at risk. Hackers want that information.
Cybersecurity is one of the largest issues in the world today. Most systems are vulnerable to people who should not have access to them. Generally, organizations know that cybersecurity can be a problem, but they don't know all the ways to protect themselves, other than by using industrial security software and keeping passwords safe.
"The security of our systems is directly related to the technology, the caliber of the people doing the work, and the processes used. That means people, tools, and methods," says Henry Schneider, of Process and Product Quality Consulting (PPQC). "The weakest link, in all of this, is people. People follow the processes. And different people perform these processes differently. Proper process usage must be reviewed, verified, enforced and analyzed, and appropriate corrective actions taken when needed. Companies can eliminate that weak link with Process Assurance."
The processes at risk include the technical processes directly related to cybersecurity, the engineering processes used to implement it, the service delivery processes, the management processes, the support processes, and more.
Schneider says that without Process Assurance, companies can set up the most bulletproof, secure servers in the world, install the most expensive security software, but unless they have the right systems and procedures, implement Process Assurance, and monitor their systems, one of their own people can be the weak link that puts their company, systems and data at risk. This has been shown to be true in newspaper headlines many times in the past year.
A recent post on LinkedIn, headlined “How safe is your company data?" noted that an alarming number of healthcare companies report data and security breaches. The final sentence in the LinkedIn article says “A full review of your network and business process will give you a clear understanding of your IT network strengths and weaknesses."
Schneider says the story, from a “security software company," is dangerous for a healthcare company, because it only tells part of the story. The company could implement the software, but without the rest of the story, they would still be as vulnerable as they were before. Schneider says, “there is much more to it than merely reviewing the business processes. The missing part of such a review is to address the rigor with which people are actually applying the processes. A company can easily have a robust-looking business process on paper, but if people do not follow the process, then all bets are off."
Henry Schneider is available to help global enterprises align their business and security processes.
About Henry Schneider
Henry Schneider is President and Senior Principal Consultant at Process and Product Quality Consulting, a process improvement company.
About Process and Product Quality Consulting
PPQC is an elite, highly specialized consulting company that rapidly delivers analysis and tailors solutions to maximize an organization's earning potential by building internal bridges between groups to solve problems related to growth, quality issues, product development, delivery of services, and acquisition of products and services. PPQC helps companies strike the balance between people, process, and tools by bringing over 30 years of experience across more than a dozen industry sectors to enhance organizational performance, increase bottom lines, improve quality, and reduce rework.