In our third episode, we sat down with Jeff Man, Security Consultant, Advisor, and Information Security Evangelist. He was joined by Joseph Kirkpatrick, Founder, President, and IT Security Strategist of security auditor KirkpatrickPrice.
This episode also marks a turning point for the B2B Commerce UnCut podcast.
We’re thrilled to introduce our new host, Jary Carter. His experience in B2B goes back to the early days of Magento. Later, he served as a Chief Revenue Officer at Oro, Inc, and now holds the same role at WordPress VIP. Jary is a talented, engaging, and truly one-of-a-kind interviewer, and we’re glad to have him on board!
Depending on who you ask, cybersecurity will mean different things. Most, however, will agree it’s not something you check off during an audit – but a complex and ever-changing process. Ultimately, this responsibility falls on everyone within the organization, from the CEO to the customer-facing employee.
In this engaging discussion on Security and Compliance in B2B eCommerce, we uncover numerous insights, best practices, and some entertaining stories involving enterprises and how they addressed their security challenges.
Episode Highlights
What is cybersecurity?
“It really depends who you ask this question,” believes Man. Some see compliance as a silly nuisance exercise that is not real security. That camp therefore views it as a simple checklist to follow and requirements to meet.
“I’ve worked with companies that had a list of over 400 specific requirements, and they struggled to do every single one of them,” continues Man. And as time goes on, they struggle to consistently meet these requirements.
Are security and compliance the same thing?
Compliance is a one-time, once-a-year, come-in-and-see-how-you’re-doing deal. And security is something that you do all the time, admits Man. Security is about doing specific actions to prevent bad things from happening to your organization.
“Both [security and compliance] are reflective,” says Man. The goal is to detect how prepared a company is to deal with something terrible happening to the organization and, hopefully, to minimize the damages and consequences of that.
What is required of manufacturers and distributors?
Most organizations moving online from a traditional brick-and-mortar environment are eager to do business online. “So there’s a bit of a reactive response to things that a customer or a regulatory body may ask,” says Kirkpatrick.
Today privacy is at the forefront. You really have to be aware of the laws relevant to your line of business and where you’re doing business. For example, in California, there’s the Consumer Protection Act. If you are working with a client in Europe, you have to be concerned about GDPR.
“Lastly, B2B businesses are quite complex,” says Kirkpatrick. Organizations tend to share data with other business units or entities that the company owns, not to mention various third parties. These are just some of the considerations businesses should explore.
What is the current state of B2B enterprise security?
I was excited with the industry 10 years ago, admits Kirkpatrick. “I thought, we’re at the peak. But the funny thing is, I can say the same thing right now.”
Take the releases that come out from government agencies, from industry groups, he continues. It’s impossible to keep up with them.
The trend is now “What do we not know?” With every new release, there’s a breach that we didn’t know about. So it’s constant checking, revelation, and the never-ending pursuit of the unknown.
Quotes and Takeaways
They feel unprepared; they don’t have the knowledge; they don’t have the skills to confront this growing complicated threat. And so they just want somebody to be responsible for it.
At the same time, there’s tension between users, organizations, and technology providers, believes Man. The prevailing thought is that technology should solve everything; the technology should be secure. So it’s both an education issue and a responsibility issue.