Tips to Discuss Security With Customers and Vendors

When working with customers and vendors, we recommend bringing security to the table at every phase. An Equifax Workforce Solutions leader shares his point of view on this topic below.
Tips to Discuss Security with Customers
Tips to Discuss Security with Customers

Newsflash: Customers care about security.

How do we know? From hundreds of conversations with leaders of giant enterprises, mid-sized companies and small businesses.

Regardless of size, they all have questions like:

  • “How are you protecting our employees and customers’ data?”

  • “How do you ensure your employees are behaving securely? And how can we ensure this for our workforce?”

We welcome each of those conversations as opportunities to deepen trust.

And if customers don’t prioritize security, we want to change that. Which brings me to my first consideration…

#1 – Security belongs at every stage of the customer and vendor lifecycle

When customers understand our security posture, it improves how they view us. So we weave it into almost every conversation.

Even before we achieved security leadership — when we were pursuing it but still had gaps — we talked about our roadmap. We were transparent. That transparency earned trust.

In short, we’ve found that embracing the conversation is a meaningful way to differentiate our business and demonstrate our commitment to doing the right thing.

We recommend this same approach to other companies. Whether you’re acquiring, engaging or retaining a customer: bring security to the table.

#2 – Culture can be a kryptonite or a crown jewel for security

Savvy companies know that security should be a personal priority for every team member.

Ryan Frillman, who leads security for Equifax Workforce Solutions, likens it to how manufacturing environments prioritize safety: “Are you wearing a vest and a hard hat? Paying attention to your surroundings?” Companies should be having the digital equivalent of those conversations, he says.

I chatted with Ryan before writing this article. He’s a true strategic partner to Equifax Workforce Solutions.

88% of all data breaches are caused by human error. And those humans… they’re not always on the tech team. So teach all your employees to be vigilant! Shared ownership makes your business much harder to hack.

The fastest, most impactful way to drive this change? Setting the tone at the top. CEOs, Owners, and Operators need to make it clear security is every employee’s responsibility.

This applies to all businesses, but especially to those with limited in-house security resources. That’s because:

#3 – Small businesses are top targets for cyber criminals

Cybercriminals take the path of least resistance. If a company has weak cyber defenses and non-cyber-savvy employees, they’re an attractive target. Almost half of all cyber breaches impact businesses with fewer than 1,000 employees. And on average, those companies spend between $1,000 and $600,000 on cybersecurity incidents.

Companies should avoid the fallacy of thinking “We’re too small for cybercriminals to care about us.” Paradoxically, that’s exactly why they’re targeted.

Big companies: This matters to you, too. A chain is only as strong as its weakest link. And SMBs are part of the integrated global supply chain as customers and vendors. When they suffer, the whole ecosystem suffers.

So we must think in terms of collective defense.

#4 – “Limited resources” doesn’t have to mean “limited security”

If you can’t build strong cybersecurity capabilities in-house, leverage the tech capabilities of others.

There are great service providers who already have best-in-class security built in and excel in areas like cloud security, fraud monitoring, and antivirus protection.

Things that may seem elementary — like selecting secure providers for email or CRM platforms or point-of-sale devices — matter big time when it comes to cybersecurity.

Equifax CISO Jamil Farshchi (center) speaks alongside Bryan Vorndran (right), Assistant Director of the FBI’s Cyber Division.

And government agencies can help bolster your security, too. Especially the FBI. According to Equifax CISO Jamil Farshchi, who serves as their strategic advisor on cybersecurity matters:

The FBI has local cyber experts who can show up on-site in a matter of hours to provide unique investigative and intelligence-derived insights into the threat you’re facing and how to blunt them.

Partnership is the way. 

The bottom line

We get it: Business is complicated enough without putting cybersecurity on the main agenda. But the good news is you don’t have to fight the battle alone. Together, we can collectively strengthen cybersecurity and deepen customers’ trust through more communication, more collaboration, and more transparency.