Tomas Honzak

The Human Side of Data Security: How Success Stems from Communication and Buy-in

For a CISO to succeed, they need to create a culture of involvement, rather than driving people to bad behavior

When talking about the cloud, we often discuss major providers — the hyperscalers — and it’s easy to overlook specialty companies doing great work focusing on a specific area. One such organization is GoodData — a real-time, open, scalable, cloud-native business intelligence platform-as-a-service, for analyzing, utilizing and monetizing customer data.

With GoodData being used by over half of Fortune 500 companies, it’s imperative its platform is secure — and much of that responsibility falls to Chief Information Security Officer Tomas Honzak. An industry veteran, Tomas believes something else is too often lost in the conversation about cutting-edge cloud technology, particularly when it comes to security: people.

Tomas recommends other CISOs embrace culture as much as technology if they want to succeed: “Be present and part of company life — be involved and build your security organization and team in a way that feels natural for the rest of the company.”

This belief in creating a culture of involvement and buy-in — a very human side to security — forms the spine that runs through the latest episode of the Cloud Talk podcast. Rackspace Technology Chief Technology Evangelist Jeff DeVerter and Tomas Honzak’s lively and wide-ranging discussion covers, among other things:

  • Why security success depends on fostering communication and a culture of shared responsibility
  • How the mass shift to digital workloads and work-from-home requires security officers to think holistically
  • Why you should prize resiliency and accountability rather than believe you can protect your company 100%
  • Why security teams require a first-class seat at the table during partnership discussions and implementation
  • How mentoring and giving back to the community can help you become a better professional

This is all positive thinking; the flip side is a darker path awaiting those who fail to heed these lessons. In marginalizing the human aspect of security, a CISO could even put their entire company at risk. “The problem with information security is if you overdo it, you’re not helping — you might be slowly killing your business,” said Tomas. “People will work around your technology. Security officers might think everything’s in order, but sensitive and confidential data will appear where it shouldn’t. And if you don’t know where your data is and how it’s flowing between whoever needs access, how can you keep it secure?”

This is why Tomas remains convinced a major priority for any CISO should be to build a security-minded culture and to understand you “can’t just stop — you can’t think you’ve done it and move on.” Much of this comes down to good communication: “You must explain security to everyone in your company in a way that’s easy to understand, and balance activities so although people might find security brings obstacles, it makes sense to them.”

Once again, then, this is a deeply technical conversation that comes back to communication — how you talk to staff, partners and customers, to ensure you’re not erecting barriers to positive customer experiences and better security. With that in mind, Tomas’s final words ring true: “Like any other discipline, security is all about technology, processes — and people.”

Listen & Follow

 

Join the Conversation: Find Solve on Twitter and LinkedIn, or follow along via RSS.

Stay on top of what's next in technology

Learn about tech trends, innovations and how technologists are working today.

Subscribe
ransomware

The Dark Side of Today's Sophisticaed Ransomware Attacks

About the Authors

rackspace logo

Rackspace Technology Staff - Solve

The Solve team is made up of a curator team, an editorial team and various technology experts as contributors. The curator team: Srini Koushik, CTO, Rackspace Technology Jeff DeVerter, Chief Technology Evangelist, Rackspace Technology The editorial team:  Gracie LePere, Program Manager Royce Stewart, Chief Designer  Simon Andolina, Design Tim Mann, Design Abi Watson, Design Debbie Talley, Production Manager  Chris Barlow, Editor  Tim Hennessey Jr., Writer Stuart Wade, Writer Karen Taylor, Writer Meagan Fleming, Social Media Specialist Daniel Gibson, Project Manager

Read more about Rackspace Technology Staff - Solve