Records managers: The new cybersecurity leaders at #ARMA2019

At the ARMA conference this year, Dr. Mansur Hasib, an expert, author and teacher of cybersecurity, spoke about the overlap and even synonymy of records management, information governance and cybersecurity. A perfectly timed keynote during National Cybersecurity Awareness Month!

As an expert in the field, he talked about the keys to cybersecurity: data integrity, data availability and data confidentiality.

These same three factors, he said, are the underlying goals of an organization’s records management and information governance practices as well. As such, it is critically important that organizations recognize all the employees and teams involved as true contributors to cybersecurity.

But today, we’re focusing on records managers.

The value

Echoed throughout the conference, it is critical for company management to understand the value and risk its information assets hold and thus the importance of expert and proper management. Increasing this importance even more, the way organizations conduct business and the types of information that fuel that business are constantly evolving.

With that, it is important that records managers see themselves not simply as information archivers, but security professionals in charge of ensuring that information flows through the organization quickly, yet securely, and that it is disposed of responsibly. Dr. Hasib emphasized to the audience that this should mean records management teams should not simply be seen as cost centers, but instead as innovation and productivity engines.

Welcome to the cool kids’ table!

3 ways effective records management can help achieve cybersecurity success


So now that we understand the newfound glory of this role, it is important to see how to achieve success in records and information management and therefore, how to actively contribute to success in cybersecurity.

Here are three ways:

1. People

These days, many people respond to problems with the common phrase “there’s an app for that.” Records management and information management is no different. There are many extremely robust and effective tech tools out there for the problems of this field.

But Dr. Hasib emphasized that “you cannot base cybersecurity on technology alone.” Building a team around you of passionate information managers is critically important.

So how do you keep people passionate about information management?

Empower them to innovate, Dr. Hasib advises. If you empower people in their roles, they will be more incentivized to stay and perform well. And as mentioned earlier, innovation in this field is extremely important with the digitizing and ever-changing world around us.

2. Policy and process

Both of these are key aspects of executing a strong cybersecurity practice. First, it is important to understand the policies that impact the information flowing through your organization to help ensure you stay compliant – a potentially costly mistake if this is not clearly understood and executed. But equally as important are establishing internal policies on how employees should handle data and ensuring you have not only educated them on these policies, but have also incentivized employees to follow them.

Also, take the time to analyze business processes and their impact on how employees handle information. Throwing technology at a broken process doesn’t necessarily fix what is truly broken.

3. Technology

Now the fun part: new tools! Technology exists out there to assist in securing and managing information as it flows through the organization.

Take a look at content services platforms that address the entire information lifecycle, from capture to destruction, and address process inefficiencies with automation. Look for information retention and policy management solutions that put less work on the RM/IG or legal teams by aggregating relevant policies and providing clear recommendations and guidelines around the disposal of information – then even automatically disposes of it for you!

So many potential solutions out there for you to explore – take the time to work with vendors to understand what is a best fit for you, making sure to focus entirely on YOUR people and YOUR processes and policies.


So, this National Cybersecurity Awareness Month, in addition to our dedicated cybersecurity professionals by title, we are also celebrating records managers. They all deserve to celebrate their importance and deserve many pats on the back for the roles they play in cybersecurity.

Go out and buy a cape! Because Halloween is coming up, but also, we know you are true superheroes!

Amanda Ulery

Amanda Ulery

In her more than seven (wonderful) years at Hyland, Amanda Ulery has taken on the mission of sharing the business value of Hyland solutions with anyone who will listen. The... read more about: Amanda Ulery

1 Response

  1. Avatar Carolynn says:

    Amanda, You have some good articles regarding cybersecurity and information governance. Do you speak at local chapter ARMA seminars or meetings?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.