Redefining trust in our work communications

Extra emails, remote meetings, longer phone calls … The COVID pandemic challenges us on the way we connect and communicate; but it also clearly impacts what we communicate. Data protection and privacy have become a key driver to consider when building trust.

Going remote implies choosing the right technology

Technology has facilitated the shift to remote working during the pandemic. From file sharing to video conferencing tools, plenty of solutions can now help teams work together and manage projects efficiently.

However, remote engagement brings the question of tool usage, especially in customer-facing situations within “the new normal”. For example, in our consulting team, we have experienced situations where our customer’s communication applications were blocked on our network for security reasons. Our internal process for approving different tool’s shows how reliant we are on existing technology in-place.

Quality of tool is another important factor: when there are interruptions or a lot of static noise, it may really impede the information gathering stage and impact the communication. Going remote implies choosing the right technologies that will improve productivity and secure an organization’s business in the long term.

Losing non-verbal aspects

Visual contact is essential in order to read non-verbal communication, as it may – obviously – contribute to overall trust, even in business relationships. Most of the consulting projects we worked on previously requested some of our onsite presence, at least at early stages (initial pitching, qualifying presentations, etc.). We are now conducting them remotely, taking into account different working schedules, more flexibility in arrangements, and the difficulty of getting validated and cross-checked information throughout the engagements.

Personally, I have witnessed that some of the inputs provided remotely may not reflect the documented evidence. It is then a matter of trust. Trust among participants is now one of the key ingredients that may impact the quality of our work; and it may take too long to reach an adequate level of trust in the new normal. If a strong trust link is not established, a customer’s group may withhold an important detail, even when it is not their direct responsibility or ownership.

Of course, this calls for planning and conducting additional activities in order to ensure comparable levels of work quality.

Strengthening data privacy

The post-COVID-19 world is driving the need for data privacy. Before, people used to share the required information during face-to-face meetings. Now you sometimes need to provide much more explanation to get a complete and truthful answer. Due to some internal limitations or data-sharing policies, obtaining further evidence or documents may only be possible after getting the data protection officer’s, or some official customer representative’s signoff.

We heard a lot about the crisis’ impact on cybersecurity and the tools required to deploy to secure homeworking. However, this is not only a technology topic but also a shift to new processes and ways of working around the question “Should I grant or deny my contact access to this information?”

We heard a lot about the crisis’ impact on cybersecurity and the tools required to deploy to secure homeworking. However, this is not only a technology topic but also a shift to new processes and ways of working around the question “Should I grant or deny my contact access to this information?

The level of formalism in that context — I believe — is getting stronger and very unlikely to go back to the informal way of working before the pandemic. We do see that data protection is becoming a rising concern in most of our projects.

Toward a strengthened enterprise data management approach

All the above aspects are to some extent connected to remote work and are not necessarily the result of the health crisis. But what is more evident is that organizations are now looking to shift to end-to-end process mapping and control across the business with clearly identified data and information flows. This is one of the key aspects that CISOs will have to consider for enhanced data-protection controls.

Policy enforcement becomes a matter of process-ownership enforcement, where organizations show both their strengths and weaknesses in various security domains. Those domains range from governance and security program sponsorship, all the way to understanding external dependencies and properly managing them.

The market is increasingly aware that an enterprise’s reliance on external organizations needs to be managed alongside all associated risks. As a result, enterprise data management, including supply chain risk management, is a new topic of interest.

With the increased scale, complexity, proliferation of data, and need to cater to the data-driven economy, organizations require a well-defined data governance program in this post-COVID--19 world to recreate trust in communications.

Related link:

Are you prepared to unlock the business value of data?

Share this blog article


About Josip Vracar

Cybersecurity principal consultant
Josip Vracar is a cybersecurity consultant with over 22 years experience. Specialized in information security, governance, risk & compliance (GRC) and strategy & management consulting, he manages cybersecurity projects in several industries (public sector, finance, insurance...). Josip has a Master in Applied Math & Computer Science and is a certified ITIL/ITSM V3 expert.

Follow or contact Josip