Today is Halloween, the perfect day to discuss the ghouls and goblins that haunt our digital lives. As Smith’s Chief Administrative Officer, I am responsible for overseeing Smith’s cybersecurity management. Protecting Smith’s employees, customers, and suppliers from the unauthorized use of data takes diligence, planning, and ongoing internal training. Taking a proactive approach to data security prepares us for the cyber trick-or-treaters sure to come knocking on our digital doors, and they take no holidays.
Smith’s leadership in the distribution of electronic components reflects our commitment to our customers. From our quality control to our focus on confidentiality, Smith puts security at the forefront of our operations. When addressing cybersecurity, protection should match exposure. As a global company, Smith exchanges data with customers and suppliers around the world, and our cybersecurity program reaches as far as our products and services. Smith strives to stay ahead of potential cybersecurity attacks by continuously training our employees and implementing proactive IT security software, equipment, and processes to safeguard Smith and its stakeholders.
As in our lives as consumers, the stores where we shop, the websites that we visit, the ads that we click all impact our cybersecurity. The same rings true in the workplace. Implementing an effective cybersecurity program often includes third-party screening and management. The suppliers that you engage with can safeguard you, or they can make you a target for cybercrimes and cyberattacks. Engaging with third parties who do not have the proper processes in place to protect your data can cause unnecessary risks to your business. As an independent distributor, Smith’s vast interconnectivity and reliance on data make cybersecurity a crucial part of our daily operations.
Smith’s operational procedures reflect a need for customer confidentiality. Preventing data from being accessed by an unintended audience means establishing parameters to prevent a data breach. Smith’s confidentiality procedures encompass written, verbal, and digital information. At Smith, protecting the confidentiality of our customers and suppliers starts by training our employees on required best practices for data storage, documentation, transmission, and destruction. Every Smith employee completes training on cybersecurity and proper data hygiene. From file saving and sending to faxing and filing, Smith employees follow detailed processes to keep our business network secure.
Smith continually assesses our digital risks to inform our cybersecurity strategy and prevent cyberattacks. Smith conducts regular data security drills across a variety of social engineering formats to monitor how our people interact with potential cybersecurity threats. Phishing tests and other baiting exercises indicate that educating our employees on cybersecurity continuously lowers our vulnerability.
Consistent maintenance and equipment updates protect our IT infrastructure and help us plan for the unknown. Smith’s incident response plan and business continuity program prepare us for “what if” scenarios and position Smith to provide our customers with continuous service and data protection. Internal asset disposition of retired IT hardware, such as hard drive wiping and shredding, also plays a vital role in our data management and cybersecurity.
The current digital landscape often leaves businesses and individuals in a position of vulnerability due to our constant reliance on data. Finding the right balance between business convenience and security can be challenging, but, in our interconnected world, the importance of limiting our exposure to cyberattacks is paramount. To reduce third-party risk factors, I encourage customers to work with supply chain partners like Smith who have a comprehensive cybersecurity program in place.