Enterprising Developments

Data Breaches a Wake-Up Call to Management

Joe McKendrick
Insurance Experts' Forum, January 27, 2012

The Ponemon Institute, which does a lot of research in IT and data security, just released its findings on the characteristics of – and reactions to – data breaches at 584 companies. One out of five were financial services companies, the largest industry segment in the survey.

Overall, the IT professionals surveyed say that as a result of their recent incidents, they feel more confident than senior leadership about the ability to keep customer data secure from future breaches. As a broad trend, privacy and data protection became a greater priority for senior leadership following a breach. As a result, IT security budgets for most organizations in this study increased. Lessons learned from the data breach are to limit the amount of personal data collected, limit sharing with third parties and limit the amount of personal data stored.

Here are some of Ponemon's findings on the nature of recent data breaches, and how they impacted organizations and customers:

- In most cases, sensitive data lost or stolen was not encrypted. “Sixty percent of respondents say the customer data that was lost or stolen was not encrypted and 16 percent are unsure.”

- Organizations report that it was their most sensitive data was lost or stolen. “Respondents report the loss of email addresses and credit card or payment information.”

- Insiders and third parties are most often the cause of the data breach. “Forty-four percent of respondents say they were not able to determine the root causes of the breach or are unsure. If the organization was able to determine the cause of the breach, most often it was the negligent insider (34 percent). Nineteen percent say it was the outsourcing of data to a third party and 16 percent say a malicious insider was the main cause.”

- Data breaches reduce an organization’s productivity. “Fifty percent of respondents say the most negative consequence of the breach was the loss of productivity. In the aftermath of a data breach, key employees may be diverted from their usual responsibilities to help the organization respond to and resolve the data breach. This is followed by a loss of customer loyalty (41 percent) and legal action (34 percent) as the most negative consequences.”

- Data breach response strategies need improvement. “Fifty percent believe their organization made the best possible effort following the data breach. However, only 30 percent say that it was successful in preventing any negative consequences from the data breach. In addition, only 27 percent believe their data breach notification efforts increased customer and consumer trust in their organization.

- Organizations are now minimizing the amount of personal data collected, shared and stored. “Almost half (49 percent) now say they limit the amount of personal data collected and 48 percent now limit the sharing of this data with third parties. Forty-two percent say the organization limits the amount of personal data stored. However, only 27 percent say the organization now limits the amount of personal information used for marketing purposes.”

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Smarter Tablet Use Could Transform Insurance

By reducing administrative tasks and automating paperwork, tablets can increase agentsí selling time and help them respond to customers in seconds, not hours.

Insurance Wake-Up Call: Embrace the Shared Economy Opportunities

SMA believes that insurers must embrace a "shared economy," crowdsourcing and open innovation to get ahead in the new marketplace.

Silicon Valley Ventures

A trip to area hotbed of technological innovation calls into question the potential viability of insurers' legacy systems, operations and processes.

The Lion and the Mouse: Start-ups Pitch to Top Insurer

Insurers should be on the lookout for innovative partnership arrangements that produce unique and valuable solutions.

Open Source Continues its March into the Enterprise

Insurers have a range of open-source options for running their businesses.

Sometimes The Best Way to Speed Up is to Slow Down

Insurers across all lines of business increasingly recognize that their core systems are not able to properly position them to deal with imminent competitive threats.