Certification growing in importance in an increasingly interconnected world

by Phil Kernick, Chief Technology Officer at CQR

When they were first invented as business structures, companies tended to operate as stand-alone entities. Each would carry out all the activities required to create the goods or services provided to their customers.

During the 1980s, this situation started to change. The concept of 'outsourcing' became popular and companies began to offload elements of their operations to external parties. The rationale was that they could do it faster, better and more cost effectively while the company itself focused on its core competency.

As a result, organisations found they no longer operated in isolation but instead had a web of links to other companies. These links became vital for their ongoing operation and growth. Any disruption in one area could have rapid and significant flow-on effects in others.

The importance of trust 

As this outsourcing trend grew, the importance of inter-company trust came to the fore. Companies realised they needed to be able to trust their chosen third parties to carry out functions professionally and securely.

This was particularly the case when it came to outsourcing the IT function. A company needed to be sure the selected third party had the qualifications and knowledge required to ensure systems were maintained and secure at all times.

Today, this subject of trust is particularly acute when a company opts to make use of a cloud service provider. The company must be confident the provider has in place the necessary systems and processes to ensure the service is reliable and resilient to cyber attacks.

Certification is key

One of the most effective ways of creating trust between companies is through the use of certifications. A potential provider must be able to demonstrate that they have been reviewed by an independent party and found to be operating in accordance with industry best practices.

Unfortunately, there is currently no legal requirement for such certification. Indeed, anyone can hang out a shingle and call themselves a cyber security expert. There are companies offering security services without any qualifications or certifications at all, and this should be a very real concern for anyone making use of their services.

Before establishing links with any external party, a company should carefully review its certifications and ensure they are operating efficiently, effectively and securely. A failure to do this could result in business disruption and loss.

Inter-company trust has never been more important and it has now become the bedrock of the modern economy. That bedrock needs to be hardened with proper certifications.

Tags cyber attacks

Show Comments