Paul Heffernan, CISO, Unipart Group

Framework Benefits Tie Back to Reasons for Framework Adoption

  • The framework enables you to know what your partners and suppliers are doing in their security practice, and it makes it easier for suppliers to comply with your requirements.
  • If it is taken seriously in the organization and given the proper resources, a security framework starts to become part of the knowledge and systems thinking within the organization.

“The framework allows the customer to have a sense of trust, and that trust turns into business confidence, which turns into more new customers.”

“We use a range of security frameworks because of the diversity of our business,” says Paul Heffernan, chief information security officer (CISO) of Unipart Group, which provides manufacturing, logistics and consultancy services. “It’s complicated because we have a number of different businesses, with operations in Europe, North America, Australia and Japan, supported by over 7,000 employees.” Heffernan explains that not all segments of the business need to operate under strict security regimes. “In some parts of our business, we operate with strict controls, and in others we have a more liberal approach that ensures a baseline standard but does not unnecessarily constrain the business” he says.

This is an excerpt from Economic, Operational and Strategic Benefits of Security Framework Adoption. The eBook was generously sponsored by Tenable.