We all want to have a positive impact on our society, both within our local communities and on a wider global scale. Social Value is simply a way of measuring how much an organisation, individual or product is making that contribution and positive impact. This can be done by considering an immense range of factors within an organisation’s operations, including, (but not limited to), their supply chain, employees’ conditions and rights, plus environmental issues, and any specific or unique community factors local to where trading is based.
An organisation’s level of Social Value is ideally regulated by its wider stakeholders, including employees, shareholders, customers, and local community.
We can break down the definition of Social Value further as:
- Value or positive impact brought to society or communities
- Benefit to people and the environment
Types of Social Value can be categorised as:
- “Intrinsic” – benefits that are inherent in the product, service, or activity itself
- “Extrinsic” – a benefit that is not inherent in the product, service, or activity, but is instead something external that can be quantified and measured;
- “Instrumental” – a benefit that is an intermediate step in achieving a larger goal
So Social Value can best be defined as the positive impact of an organisation on its employees, local community and wider society.
Cybersecurity is typically focussed on the threat to the organisation and the impact any breach would have on operations, revenue, share price, market reputation, customer retention, market share, regulatory fines etc.
So where does Social Value align with Cybersecurity
This type of value can be difficult to measure and requires not just a change in perspective by the relevant security stakeholders, but engagement with wider business stakeholders. If we look back to the Social Value definition as the “positive impact of an organisation on its employees and the wider community and society” – just take a moment to think how easily that could be undermined by a cybersecurity breach.
As an example, data loss is a recurring topic in the news these days. Whilst one part of an organisation could be reporting on the positive Social Value impact being created, security could be dealing with a data breach which negatively impacts many customers, users and/or employees, and thereby undermines this positive Social Value message.
Social Value is a new and additional way to think about Cybersecurity. It requires a different mindset. Not replacing existing drivers, but complementing them, and as the world changes it’s important to be innovative in this area. Going forward, the narratives of both Cybersecurity and Social Value need to be combined and aligned. In the event of a data breach, Social Value will force organisations to also consider the material impact on individual users, not just the impact to the business.
As we move forward into 2022 and beyond, the emergence of the socially aware customer is changing the way business leaders need to operate:
Internal Cyber teams: Are you engaging with the right business stakeholders? Are the business needs on Social Value fully understood? Could there be alternative sources of funding, previously not considered, to meet the ever-changing threat profile?
- Cybersecurity needs to be at the heart of the Social Value story, not a bystander or a frustrating afterthought when a breach has occurred
Security Vendors: Does your sales pitch include Social Value and how your proposal can help in this area? If not, then you’re missing an element that will have immense strategic value to your customers, an element your competitors may already be addressing.
HOW WE CAN HELP
We understand the importance of safeguarding all aspects of business, and Social Value is at the core of what we do. We can help, with people and tools to understand the Social Value impacts of decisions that need to be made, and help you gain confidence in Cyber Security frameworks, in a fast-paced and ever-changing world.
This article is one in a series of Social Value and Cybersecurity articles written by the team at Accordant.