Making Data Security Compliance a Revenue Driver

The SolarWinds cybersecurity attack and CNA breach have made corporate data security certification a higher priority than ever - not least in the customer acquisition process - and there are ways of making this significant investment pay additional dividends.

learn more about Yair Kuznitsov

By Yair Kuznitsov

Opinions expressed by Entrepreneur contributors are their own.

To join a poker game, players have to put down a minimum bid sometimes referred to as table stakes: the smallest viable amount needed to play. With it, you're in the game, but without it, you're out in the cold. In today's market, data and transactional security compliance has become table stakes. In order to play, possessing specific reports has become the minimum viable bid. With a SOC 2 (the acronym standing for Service Organization Control) and/or ISO (International Organization for Standardization) 27001 risk assessment report in hand (or whatever the relevant framework in your market happens to be), you've got a game, a shot at getting a piece of the action.

Frameworks as prerequisites to growth

Today, getting sacked by ransomware is no longer a shock, and breaches of sensitive information are commonplace. Incidents like the SolarWinds breach (with an average total cost to companies of $12 million) and the ransomware attack on insurance provider CNA (total cost: $40 million) demonstrate the immense monetary ramifications that come with lax attitudes and less than optimal practices.

These numbers have had a direct impact on how third parties are choosing to do business and create partnerships. Now C-suites across the globe have snapped out of their, "it's IT's problem, so we don't care"-induced slumber only to find themselves in the brutally monotonous task of compliance processing. But it's worth it; unless businesses can prove with a high degree of certainty that their systems are secured from the next big threat, no potential partner or customer in their right mind would close a deal with them.

Related: 5 Ransomware Protection Tips for Your Small Business ... From a Hacker

With SOC 2 or ISO 27001 in hand, partners and customers can feel confident that data is safe and sound — they are a baseline from which deals and partnerships take shape, and enable the growth needed to propel business. But how can organizations best leverage such frameworks, and how can they remove the tedium that generally comes with compliance-related activities?

Frameworks as deal closers

SOC 2, ISO 27001, and Payment Card Industry Data Security Standard (PCI-DSS), among other certifications, provide instructions (although some less definitively than others) on how to meet security best practices, both technically and operationally. They provide organizations with the guidelines needed to enhance security, meet regulatory requirements, improve business processes and take care of other activities needed to meet company goals (primarily, securing new customers and solidifying existing partnerships).

Having certifications in hand can be a powerful sales advantage; discussing compliance issues can become a key part of a sales team's initial touchpoint. This can vastly reduce friction with prospects, as sales representatives can quickly and seamlessly produce tangible answers to most (if not all) security-related questions. This means that compliance teams mainly have to deal with escalated issues, such as when reports indicate a control is missing.

Related: Cybersecurity Is No Longer An Option. Your Money Is in Immediate Danger.

Automation is key

But to achieve this state, companies need to stop viewing security assurance as something to just get through as quickly as possible. With the right approach, security frameworks can create trust-based relationships that support expansion and become true deal closers. The key to making this possible lies in the automation of manual, tedious, time-consuming and error-prone compliance activities in order to optimally meet frameworks and everyday compliance challenges.

With automation, you can leverage compliance to propel and sustain growth. By continually collecting control evidence in the background, your team can invest time in other initiatives, and the lifecycle of all policies can be fully orchestrated, saving time and preventing errors. You can also ensure that evidence is automatically cross-mapped to relevant frameworks, which also saves time and effort by eliminating the need to collect new evidence with each audit. And with direct mapping of relevant plug-in evidence to controls, you can stop putting money and resources into professional consulting. Automation is the core of an integrated and scalable compliance program that helps customers see your clear commitment to best practices.

With automation, meeting frameworks is simpler than ever — and that's a huge benefit, as potential customers need to know they can trust you, now more than ever.

Related: Invest in the Company Breaking into the Untapped Home Cybersecurity Market

Yair Kuznitsov

CEO and Co-Founder at anecdotes

Related Topics

Editor's Pick

Everyone Wants to Get Close to Their Favorite Artist. Here's the Technology Making It a Reality — But Better.
The Highest-Paid, Highest-Profile People in Every Field Know This Communication Strategy
After Early Rejection From Publishers, This Author Self-Published Her Book and Sold More Than 500,000 Copies. Here's How She Did It.
Having Trouble Speaking Up in Meetings? Try This Strategy.
He Names Brands for Amazon, Meta and Forever 21, and Says This Is the Big Blank Space in the Naming Game
Green Entrepreneur

A Massive Hole In the Sun May Cause Dazzling Light Show Here On Earth

NASA says the coronal hole could blast the Earth with solar winds as early as Friday. What does this mean?

Business News

The 'Airbnbust' Proves the Wild West Days of Online Vacation Rentals Are Over

Airbnb recently reported that 2022 was its first profitable year ever. But the deluge of new listings foreshadowed an inevitable correction.


Why Failure is a Choice You Make

Failure is a product of our mind and therefore we determine if it exists or not. Learn more empowering ways to view situations where failure becomes a stepping stone, not a roadblock.

Business News

These Are the Most and Least Affordable Places to Retire in The U.S.

The Northeast and West Coast are the least affordable, while areas in the Mountain State region tend to be ideal for retirees on a budget.

Business News

Gen Z Loves the Toyota Camry. Here's What Car Brands Boomers Love Most

S&P Global Mobility provides data on what types of each age group likes the most, based on car registration.