Back to Blog

Role of the Technology Vendor versus Role of the Customer

Post by |

When thinking about Data Protection, it is difficult to think of this topic without automatically thinking about the technology that we use to process information. Everything from the collection, storage and sharing of information has been made possible by technology. And 'technology' has changed. It isn't just the home or work computer we use; it's the mobile phone, the tablet and it's also a plethora of other devices, such as CCTV, building access control, heating and ventilation systems. We carry devices which report on our heart rates, exercise patterns and sleeping habits. Even our cars have been described as 'computers on wheels', as they monitor engine performance, and track our driving styles.

Our digital universe is therefore no longer 'out there', we are living in it and we seem to have accepted this situation without any real consideration of the downside.

The downside of course is the ongoing risk of becoming a victim of cybercrime or suffering a data breach, and as we increasingly depend on our digital universe to survive, the likelihood of falling-foul of these risks is also increasing.

So, what should we do?

Clearly the role of the technology vendor (supplier) is to ensure their devices/systems are designed in a secure manner. To this end, the new General Data Protection Regulations (GDPR), which comes into force in May 2018 outlines what is required in "Data protection by design and by default" (Article 25). Vendors have a responsibility to consider how technology could be used in a negative context, and should put in controls to reduce the risks. A simple example here would be manufactures of 'Wifi' enabled devices requiring passwords to be changed on first use. Vendors have a big part to play in data protection. But the story doesn't end there.

The customers' role

Increasingly vendors recognise the importance of data protection and cyber security, and they have put in place steps to ensure security is maintained. However, as customers (aka consumers), we are often impatient and irritated by these controls, and subsequently disable security features or don't heed the requests of vendors, who might suggest "change your password on first use. Here's how...". As customers, we often place convenience over security, and this is leaving us vulnerable.

So what needs to happen?

Both vendors and customers have a job to do. They both must take responsibility for good data protection and cyber security, but I feel the customer has the biggest journey to make. Vendors recognise that they have an obligation to protect their customers, so they offer the tools to enable the customer to do so. However, if the customer fails to take these measures they are leaving themselves vulnerable and cannot blame the vendor. This is akin to driving recklessly and then blaming the car manufacturer because you had an accident. Using technology in a reckless manner may not result in a loss of life-or-limb, but it can hurt. Both vendors and customers have a role to play, so let's hope both begin to understand the important parts they have to play.

About the Author:


Gary Hibberd was appointed as Managing Director of Agenci back in 2012. Gary’s passion for all things cyber was sparked in 1985 when he began his as a programmer. As a result of that passion Gary went on to become a renowned expert on ISO 27001 and GDRP. Today, Gary is a passionate practitioner and regular speaker on cyber security.

Gary speaks across the Globe to both large and small business as well as private and public organisations. He loves to engage the next generation of cyber experts speaking in schools, colleges and universities. As part of his busy life Gary has authored books on cyber security and business continuity as well as contributing to government initiatives on cyber security and counter terrorism. If that wasn’t enough in his personal life Gary is an avid obstacle race participant and fitness fanatic. Gary can count the Worlds Longest Obstacle race amongst his many personal achievements.

| See all our contributors
Back to Blog