How can organizations effectively foster customer trust in real time?
In our Super Cyber Friday event, "Hacking Customer Trust: An hour of critical thinking on how to move beyond questionnaires and demonstrate trust in real time," we dove into strategies to alleviate classic pain-points in external security validation, transition from reliance on third-party validation to robust use of first-party data, and enhance the automation of trust workflows. Joining us for this discussion were Sanjay Padval from Vanta and Bryan Culp from Box .
HUGE thanks to our sponsor, Vanta.
Watch the full video here:
Please register for our next (04-26-24) Super Cyber Friday, “Hacking Your Cybersecurity Career: An hour of critical thinking of how to level up your professional development.”
Did you know that we have an events calendar? Visit our events page to subscribe so you can stay up to date on Super Cyber Friday and other CISO Series content.?
Best quotes from our guests
“Your products change. Your infrastructure changes. Everything goes out of date. Building trust and the ability for you to have confidence in what you say you do and continuously prove how you do those things is becoming increasingly more important.” - Sanjay Padval, Vanta
“As much as we try to push back on specific questionnaires and use commonly known templates like the SIG and the CAIQ, we still have those customers who want to have their specific questions answered. They’re often different versions of the same thing. Something that all of us in the industry are grappling with is… How do we push back? We want to push back, but we want to be careful not to push back too hard because at the same time we are trying to support sales, trying to support renewals and these are quite legit questions.” - Brian Culp, Box
领英推荐
“In regulated industries and Europe, there are controls that buyers want to know about your privacy. As that buyer, they are required to be able to prove that their vendors do X, Y, and Z things as part of their compliance standards or as part of their audit.” - Sanjay Padval, Vanta
“The concept of saying that you take something seriously and you demonstrate outwardly that, ‘Hey, this is important to me. It's not just an afterthought,’ is actually starting to pay dividends.” - Sanjay Padval, Vanta
“All companies, not just startups in this space are experimenting internally with how AI can be used to address this space. Many of us have been talking about this for a while, this notion of almost kind of a universal translator. I have the customer trust team, as well as the third-party risk team. And what I have seen, historically, or at least in recent years, is more of an emphasis and investment on the customer side for asking the questions. And what I'm really looking for is on the customer trust side, the folks who are putting together those answers and that information and populating the trust center. How do we make it easier for them?” - Brian Culp, Box
“There's a lot of focus from customers on how their vendors are addressing known vulnerabilities and if they are on top of them.” - Brian Culp, Box
Quotes from the chat room
?“Resist the urge or need to send a questionnaire when a vendor has a trust center with all the data.” - Dr. Dustin Sachs DCS, CISSP, CCISO , senior manager, information security risk management, World Kinect
“Start to use (and make it accessible to Sales teams!) internal Gen AI language models to respond to DDQs (due diligence questionnaires).” - Aman S. , cybersecurity business engagement, vp, 爱思唯尔
“Research the customer, and the person you are talking to before they call. Don't just assume you know what they need and know that the business is.” - George Strassburger , information security officer, director of operations, SG Computers Inc.
“Be willing to say you don't do something. Don't wordsmith the heck out of what you do, do, just because everyone else does it.” - James S. , DevSecOps engineer
“I ask my teams to pay as much attention or more to reporting to our customers/constituents as they do reporting to me.” - Adam Arellano , vp enterprise cybersecurity, PayPal