Data Protection is always top of mind for any company working with technology-based vendors, and the field moves so fast that it can be hard to keep up with all the changes. Here at Seismic, we take security very seriously. With the amount of myths and misunderstandings out there in the field, it can be difficult to understand what is important. Luckily, Tim Dzierzek, Director of Information Security at Seismic, is on the case to ensure that the vast landscape of data protection is under control.
Dzierzek has vast experience working in technology and information security roles. Prior to joining Seismic last May, he worked for PlayStation as the director of Security Governance, Risk, and Compliance. During his tenure, he re-built PlayStation’s Security Risk Management function from the ground up. Focusing on data protection in a variety of industries has given him having a deep appreciation for the wide-ranging implications of data protection.
“It is not a cookie cutter process,” Dzierzek said. “Information Security has to be aligned with the entire business and address its unique needs.”
Moving into sales enablement, specifically here at Seismic, has presented some unique challenges for Dzierzek regarding data protection. “The problem we face, and it’s a good problem to have, is that we deal with some big companies that have very defined and mature security programs. Seismic’s ability to match their requirements is a major topic of conversation that we have with them. So, demonstrating that we have to have the right policies and processes in place maintains the trust they have place in us.”
The constant changes in data privacy and security threats have a significant effect on any organization going through a digital transformation and bringing on sales and marketing technology. “Our customers face various privacy regulations on a daily basis, and those grow even more complex as they operate in different states in the US and different countries around the world. A relationship with your vendor is the best way to start solving the questions of these regulations.”
With sales enablement itself evolving fast, Dzierzek thinks data protection needs to be top of mind in the sales enablement engagement. “With the amount of capabilities now becoming available to distribute content, organizations must look at how vendors are providing this capability in a secure way. Further, mobile is enormous now, which has its own set of security concerns that need to be addressed.”
When considering moving into sales enablement and selecting a vendor, Dzierzek says that prospects should understand their privacy requirement locally and internationally. “GDPR and various other privacy regulations greatly affect sales enablement, and they are changing quickly. The amounts and types of data being given to sales enablement companies requires a level of security, privacy, and compliance, so it’s important to understand the various privacy regulations and the security requirements that a selected vendor must provide in order to hold that data.”
So how can an organization stepping into sales enablement be sure that their vendor is managing their data responsibly?
“We encourage our customers to evaluate the information and privacy programs of their vendors at the initiation of the relationship and annually thereafter to make sure that their expectations are met,” Dzierzek said. “You need a trusting relationship with your vendor around data protection, and that relationship needs to be built over time through consistent feedback and discussions. We know the Sales Enablement space, the data, and the regulation. Customers know their security requirements as they try to manage their risks. Working together, we can ensure that the requirements are addressed.”
Seismic customers should understand that they have a hard-working, knowledgeable Information Security team providing security for their data. But Dzierzek is always open to feedback and wants to make clear that lines of communication are always open.
“Our customers should know that it’s not unreasonable to validate our security and privacy programs. Maintaining their trust is very important to us.”