Cybersecurity: Managing Tariff-Related Data Risks

Companies juggling all of the business implications of the changes in US tariff policy should add managing data risks arising from those tariffs to the list. Here’s what Forrester has to say on that topic:

Data risks come in different flavors: risks to data, risks from data, and risks in the data. Assess whether this change — such as to the supplier, location, process, etc. — introduces data risks that are unacceptable or require additional risk mitigation efforts. Changing your supplier for IT equipment may introduce risks to data if it is preloaded with spyware during the manufacturing process or if it’s in locations where threat actors have a higher likelihood of intercepting shipments to tamper with the devices. Hastily restructuring to move operations out of a geography may introduce risks from data based on how you use or process the data, as well as how the data needs to flow for business purposes; this can potentially put your organization out of compliance with regulatory or contractual obligations.