Enterprising Developments

Overlooking Data Security

Joe McKendrick
Insurance Experts' Forum, May 13, 2011

In a new article, Richard Levick, Esq., a crisis and public affairs communications specialist, wonders out loud if the data security debacle suffered by Sony Online Entertainment services could have been managed more effectively. 

Sony's crisis of confidence may reflect issues that are pervasive throughout many corporate cultures. Levick cites 2010 Carnegie Mellon University survey of corporate directors and executives that reveals “a stunning disconnect between consumers who are increasingly concerned about data breaches and the boards that are ultimately responsible for preventing them.” 

The survey found none of the boards in the survey places data security among its top three priorities. Only 6% reported that their boards had an IT or data security committee.

This disconnect between management and in-the-trenches IT requirements is a challenge even the best technologies can't fix. There are very effective security features available in today's database products, along with data encryption and de-identification solutions. Security technology is great, but there is a lack of management will to underwrite security efforts.

Often, data breaches are unavoidable, but a well-prepared and well-trained corporate culture can be an effective line of defense. Levick cites the example of the data breach at Heartland Payment Systems, in which the company's management moved quickly to notify customers in an “unprecedented communications effort that not only protected consumer relationships, but also made each subsequent step in the recovery process all the more credible. As a result, crisis was transformed into an opportunity as Heartland worked with competitors and drove industry-wide reforms that secured its leadership position in the ongoing battle against cybercrime.”

 

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology. 

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

3 Reasons DevOps Matters

Every insurer needs to compete on products and information turned around in light-speed fashion.

Coordinate Coverages to Manage Social Media Exposures

The bottom line is that no one policy will cover all the exposures in the social media realm.

The Internet of Things: Helping Insurers Make Better-Informed Decisions about Risk

The IoT is a major game changer for the insurance industry, and will likely affect every part of the insurance value chain. After all, insurance is data-driven, and that’s exactly what the IoT can deliver—relevant, actionable, real-time data that can provide an accurate picture of what is being—or may be—insured.

Software-Defined Everything

What does it take to virtualize all the key components in your data center?

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.

Competing with the Coasts for Tech Talent

Are heartland-based insurers at a recruiting disadvantage for tech skills?

Advertisement

Advertisement