A Framework Can Streamline Vendor Onboarding
- One of the most important benefits for his operation is not having to constantly reinvent the wheel as he adapts the business’ security practices to changing operations and different regions.
- Frameworks give you flexibility to adapt the practices to your own needs, but that leaves open the possibility that your implementation may not be what it should be.
“If you are outsourcing services, whether its cloud or other third-party services, security frameworks become great tools for controlling the end-to-end supply chain.”
“In manufacturing, the industry regulation for cybersecurity is still quite immature” says Tero Lampiluoto, chief information security officer at Outokumpu, a global stainless steel manufacturer headquartered in Finland and with offices in 30 countries. Nevertheless, information security plays an important role in the company’s operations. Lampiluoto points out that e.g. Homeland Security considers primary metals manufacturing as part of critical infrastructure. As a publicly traded company, Outokumpu is subject to financial regulation and must also protect personal data, especially sensitive employee data. Lampiluoto says, “I take a business-orientated approach to security. Cybersecurity is not only an IT matter: It must encompass human resources, communications, finance, and other operations across the organization.”