Does a Global and centralized Cybersecurity need a voice of the customer (VoC) program for internal IS/IT customers? Do you have suggestions regarding internal VoC implementation?

Applications & PlatformsSecurity & GRC
3.4k viewscircle icon2 Upvotescircle icon7 Comments
Sort by:
CIO in Government2 years ago

At the Virginia Dept of Social Services, IT works jointly with Information Security and the Business to assess customer demands, determine best solution, and also comply with the Commonwealth security standards.  We believe that having the customer start the process thru IT, allows all of us to work behind the scenes to incorporate security into all aspects of IT services

Director of IT in Healthcare and Biotech2 years ago

A worldwide and centralized cybersecurity system should benefit from a VoC program findings. Knowing the experiences, difficulties, and goals of internal IS/IT consumers helps enhance system usability, efficiency, and security.

Identify Important Stakeholders: This covers all cybersecurity system users, from frontline IT personnel to senior management. VoC must address their needs and experiences.

Develop and distribute system usability, security, response time, and satisfaction questionnaires. 

Interviews/Focus Groups: Interviews and focus groups provide deeper insights. This may reveal subtle difficulties that surveys miss.

Feedback Loop: The VoC program should be ongoing. It should give real-time input to improve the cybersecurity system as demands and difficulties change.

Act on feedback. Share ideas with the cybersecurity team and create a plan for adjustments.

Lightbulb on1
Director of Network Transformation2 years ago

Customer first security!  Love this idea!

Lightbulb on1
CISO in Healthcare and Biotech2 years ago

A VoC program bridges cybersecurity teams and internal IS/IT customers, collecting their feedback to tailor strategies, services, and solutions to meet unique needs while mitigating risks.

Lightbulb on1
Director, Information Security2 years ago

VOC is an absolute need for continual improvement, customer has equal right to understand the cyber security posture and risks due to emerging technologies.

1 Reply
no title2 years ago

can't improve what you don't measure

Content you might like

How are companies doing Unified Vulnerability Management? The idea is bringing all inputs (AppSec, DevSecOps, VM scanning, asset discovery etc) into one platform.  Instead of creating a homegrown solution, are there vendors that do this well?

We implemented Oracle HCM recently including Redwood.  Defining the long term plan for support, we face challenges with our Oracle Security knowledge depth specifically (defining and maintaining roles/ SOD/ SOX etc). Is there anyone who has experience in setting this up after a successful Oracle HCM plus Redwood implementation and would like to share best practices with me?

GitHub's Developer Rights Fellowship will provide legal support to developers whose source code runs afoul of the Digital Millennium Copyright Act (DMCA). How do you see this affecting open source code legislation?

It will encourage eased restrictions and more advocation on behalf of open source communities.29%

It will bring the wrong attention to DMCA practices and cause additional legal issues.52%

It will balance the scales on difficult to navigate DMCA legislation, but no changes in the foreseeable future.14%

I don't know4%

View Results

Experts say a new hacking group that has emerged recently named BlackMatter is using techniques that are similar to the DarkSide group that successfully hacked the Colonial Pipeline Co. earlier this year. Do you think they're the same group?

Yes BlackMatter is DarkSide returning under a new name.40%

No, BlackMatter is a different group from DarkSide.36%

I don't know24%

View Results

Does anyone has experience with Databricks? We would like to learn about your experience.

Read More Comments